---

CVE-2020-6851 - log back

CVE-2020-6851 edited at 29 Dec 2020 11:16:52
Description	- OpenJPEG through 2.3.1 has a heap-based buffer overflow in opj_t1_clbl_decode_processor in openjp2/t1.c because of lack of opj_j2k_update_image_dimensions validation. + OpenJPEG before version 2.4.0 has a heap-based buffer overflow in opj_t1_clbl_decode_processor in openjp2/t1.c because of lack of opj_j2k_update_image_dimensions validation.

CVE-2020-6851 edited at 10 Dec 2020 13:36:22
Severity	- Unknown + Medium
Remote	- Unknown + Local
Type	- Unknown + Arbitrary code execution
Description	+ OpenJPEG through 2.3.1 has a heap-based buffer overflow in opj_t1_clbl_decode_processor in openjp2/t1.c because of lack of opj_j2k_update_image_dimensions validation.
References	+ https://github.com/uclouvain/openjpeg/issues/1228 + https://github.com/uclouvain/openjpeg/pull/1229 + https://github.com/uclouvain/openjpeg/commit/024b8407392cb0b82b04b58ed256094ed5799e04

CVE-2020-6851 created at 10 Dec 2020 13:35:03
Severity	+ Unknown
Remote	+ Unknown
Type	+ Unknown
Description
References
Notes