CVE-2020-27814
HIGH7.8EPSS 0.92%openjpeg2 - security update
Published: 1/26/2021Modified: 12/3/2025
Also known as:ALPINE-CVE-2020-27814DEBIAN-CVE-2020-27814
Description
A heap-buffer overflow was found in the way openjpeg2 handled certain PNG format files. An attacker could use this flaw to cause an application crash or in some cases execute arbitrary code with the permission of the user running such an application.
Affected packages (3)
- Alpine/openjpegfrom 0, < 2.3.1-r5
- Debian/openjpeg2from 0, < 2.4.0-1
- Debian/openjpeg2from 0, < 2.1.2-1.1+deb9u6
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH7.8 | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |