CVE-2018-20847
Summary
| CVE | CVE-2018-20847 |
|---|
| State | PUBLIC |
|---|
| Assigner | [email protected] |
|---|
| Source Priority | CVE Program / NVD first with legacy fallback |
|---|
| Published | 2019-06-26 18:15:00 UTC |
|---|
| Updated | 2023-02-27 16:47:00 UTC |
|---|
| Description | An improper computation of p_tx0, p_tx1, p_ty0 and p_ty1 in the function opj_get_encoding_parameters in openjp2/pi.c in OpenJPEG through 2.3.0 can lead to an integer overflow. |
|---|
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|
| [trunk] fixed a buffer overflow in opj_tcd_init_decode_tile · uclouvain/openjpeg@5d00b71 · GitHub |
MISC |
github.com |
Patch, Third Party Advisory |
| Heap-buffer-overflow in opj_tcd_init_decode_tile · Issue #431 · uclouvain/openjpeg · GitHub |
MISC |
github.com |
Third Party Advisory |
| Fix multiple potential vulnerabilities and bugs by Young-X · Pull Request #1168 · uclouvain/openjpeg · GitHub |
MISC |
github.com |
Patch, Third Party Advisory |
| OpenJPEG Multiple Security Vulnerabilities |
BID |
www.securityfocus.com |
|
| [SECURITY] [DLA 1851-1] openjpeg2 security update |
MLIST |
lists.debian.org |
|
| CVE Program record |
CVE.ORG |
www.cve.org |
canonical |
| NVD vulnerability detail |
NVD |
nvd.nist.gov |
canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 159478 Oracle Enterprise Linux Security Update for openjpeg2 (ELSA-2021-4251)
- 239842 Red Hat Update for openjpeg2 (RHSA-2021:4251)
- 353122 Amazon Linux Security Advisory for openjpeg2 : ALAS2-2022-1741
- 940171 AlmaLinux Security Update for openjpeg2 (ALSA-2021:4251)
- 960346 Rocky Linux Security Update for openjpeg2 (RLSA-2021:4251)
