Heap-Based Buffer Overflow Vulnerability in OpenJPEG Product by OpenJPEG
CVE-2020-8112

8.8HIGH

Key Information:

Vendor: Uclouvain
Status: Openjpeg
Vendor: CVE Published:; 28 January 2020

What is CVE-2020-8112?

An identified vulnerability within OpenJPEG versions up to 2.3.1 includes a heap-based buffer overflow within the opj_t1_clbl_decode_processor function. This issue becomes evident when the qmfbid parameter equals 1. This vulnerability poses risks for applications utilizing OpenJPEG for JPEG 2000 encoding and decoding, making it essential for users to apply security updates to protect against potential exploitation.