CVE-2021-29338 log

Source
Severity Low
Remote No
Type Denial of service
Description
Integer Overflow in OpenJPEG v2.4.0 allows remote attackers to crash the application, causing a Denial of Service (DoS). This occurs when the attacker uses the command line option "-ImgDir" on a directory that contains 1048576 files.
Group Package Affected Fixed Severity Status Ticket
AVG-1390 openjpeg2 2.4.0-1 Medium Vulnerable
References
https://github.com/uclouvain/openjpeg/issues/1338
https://github.com/uclouvain/openjpeg/files/6194593/poc.zip
https://github.com/uclouvain/openjpeg/pull/1346
https://github.com/uclouvain/openjpeg/pull/1346/commits/b4700bc09d55ac17ff6bef9b0a867f6de527be17