CVE-2020-6851 - log back

CVE-2020-6851 edited at 29 Dec 2020 11:16:52
Description
- OpenJPEG through 2.3.1 has a heap-based buffer overflow in opj_t1_clbl_decode_processor in openjp2/t1.c because of lack of opj_j2k_update_image_dimensions validation.
+ OpenJPEG before version 2.4.0 has a heap-based buffer overflow in opj_t1_clbl_decode_processor in openjp2/t1.c because of lack of opj_j2k_update_image_dimensions validation.
CVE-2020-6851 edited at 10 Dec 2020 13:36:22
Severity
- Unknown
+ Medium
Remote
- Unknown
+ Local
Type
- Unknown
+ Arbitrary code execution
Description
+ OpenJPEG through 2.3.1 has a heap-based buffer overflow in opj_t1_clbl_decode_processor in openjp2/t1.c because of lack of opj_j2k_update_image_dimensions validation.
References
+ https://github.com/uclouvain/openjpeg/issues/1228
+ https://github.com/uclouvain/openjpeg/pull/1229
+ https://github.com/uclouvain/openjpeg/commit/024b8407392cb0b82b04b58ed256094ed5799e04
CVE-2020-6851 created at 10 Dec 2020 13:35:03
Severity
+ Unknown
Remote
+ Unknown
Type
+ Unknown
Description
References
Notes