Showing 1 - 6 of 6

CVE-2020-15389

Status Candidate

Overview

jp2/opj_decompress.c in OpenJPEG through 2.3.1 has a use-after-free that can be triggered if there is a mix of valid and invalid files in a directory operated on by the decompressor. Triggering a double-free may also be possible. This is related to calling opj_image_destroy twice.

Related Files

Ubuntu Security Notice USN-5952-1: Posted Mar 15, 2023; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 5952-1 - Sebastian Poeplau discovered that OpenJPEG incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 18.04 LTS.; tags | advisory, remote, denial of service, arbitrary; systems | linux, ubuntu; advisories | CVE-2020-15389, CVE-2020-27841, CVE-2020-27845, CVE-2020-6851; SHA-256 | 4be9c939d6c5718150317af06dec9d65e0170abd7bf4406fda3fcb0f764c8904; Download | Favorite | View

Red Hat Security Advisory 2022-0202-04: Posted Jan 20, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-0202-04 - The Migration Toolkit for Containers enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API.; tags | advisory, web; systems | linux, redhat; advisories | CVE-2016-4658, CVE-2018-20845, CVE-2018-20847, CVE-2018-25009, CVE-2018-25010, CVE-2018-25012, CVE-2018-25013, CVE-2018-25014, CVE-2018-5727, CVE-2018-5785, CVE-2019-12973, CVE-2019-13750, CVE-2019-13751, CVE-2019-17594, CVE-2019-17595, CVE-2019-18218, CVE-2019-19603, CVE-2019-20838, CVE-2019-5827, CVE-2020-10001, CVE-2020-12762, CVE-2020-13435, CVE-2020-13558, CVE-2020-14145, CVE-2020-14155, CVE-2020-15389, CVE-2020-16135; SHA-256 | 194b1fb3244796d500710e340e920f92f4abc83abbfaacd11163fd0cbe51025b; Download | Favorite | View

Red Hat Security Advisory 2021-4251-04: Posted Nov 10, 2021; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2021-4251-04 - OpenJPEG is an open source library for reading and writing image files in JPEG2000 format. Issues addressed include buffer overflow, code execution, denial of service, double free, integer overflow, null pointer, out of bounds read, out of bounds write, and use-after-free vulnerabilities.; tags | advisory, denial of service, overflow, vulnerability, code execution; systems | linux, redhat; advisories | CVE-2018-20845, CVE-2018-20847, CVE-2018-5727, CVE-2018-5785, CVE-2019-12973, CVE-2020-15389, CVE-2020-27814, CVE-2020-27823, CVE-2020-27824, CVE-2020-27842, CVE-2020-27843, CVE-2020-27845, CVE-2021-29338, CVE-2021-3575; SHA-256 | 7b38b3e2d2fd976a24d1cdc65e2f987a5a7dbc8389e2c3137e8588a351a2710a; Download | Favorite | View

Debian Security Advisory 4882-1: Posted Apr 28, 2021; Authored by Debian | Site debian.org; Debian Linux Security Advisory 4882-1 - Multiple vulnerabilities have been discovered in openjpeg2, the open-source JPEG 2000 codec, which could result in denial of service or the execution of arbitrary code when opening a malformed image.; tags | advisory, denial of service, arbitrary, vulnerability; systems | linux, debian; advisories | CVE-2020-15389, CVE-2020-27814, CVE-2020-27823, CVE-2020-27824, CVE-2020-27841, CVE-2020-27842, CVE-2020-27843, CVE-2020-27845, CVE-2020-6851, CVE-2020-8112; SHA-256 | 5fc3f278bb64bcfcf29ee82912aa943b536f0376eb4d1d1fd72ad6bc7fcf84c7; Download | Favorite | View

Gentoo Linux Security Advisory 202101-29: Posted Jan 26, 2021; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 202101-29 - Multiple vulnerabilities have been found in OpenJPEG, the worst of which could result in the arbitrary execution of code. Versions less than *:1 and 2.4.0:2 are affected.; tags | advisory, arbitrary, vulnerability; systems | linux, gentoo; advisories | CVE-2018-21010, CVE-2019-12973, CVE-2020-15389, CVE-2020-27814, CVE-2020-27841, CVE-2020-27842, CVE-2020-27843, CVE-2020-27844, CVE-2020-27845; SHA-256 | d7427ed887d3bec4e3cc0f879b842451b75367e0346ae8c497dedb039c37a22e; Download | Favorite | View

Ubuntu Security Notice USN-4685-1: Posted Jan 7, 2021; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 4685-1 - It was discovered that OpenJPEG incorrectly handled certain image data. An attacker could use this issue to cause OpenJPEG to crash, leading to a denial of service, or possibly execute arbitrary code.; tags | advisory, denial of service, arbitrary; systems | linux, ubuntu; advisories | CVE-2020-15389, CVE-2020-27841; SHA-256 | 00690d662f63cb5df2b3e3f8052cb8a550665941724b83e5d503321321d59e59; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 305 files
Ubuntu 67 files
Debian 23 files
Gentoo 8 files
LiquidWorm 6 files
Apple 5 files
Google Security Research 5 files
Spencer McIntyre 3 files
Ivan Fratric 3 files
Jann Horn 2 files

File Archives

Systems

AIX (430)
Apple (2,133)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,177)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,607)
HPUX (881)
iOS (395)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (52,160)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,495)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (10,025)
UNIX (9,482)
UnixWare (188)
Windows (6,786)
Other

CVE-2020-15389

Overview

Related Files

File Archive:

December 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems