Approved changes feed: RSS · Atom

cpe:2.3:a:n/a:openjpeg:*:*:*:*:*:*:*:*

part: a version: * update: *

VendorN/A (22f567d3-1203-528c-8f0e-3eb9c2f6ca78)
ProductOpenjpeg (bb427f61-155c-59c9-bddb-fdd73a435c71)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2021-3575 vulnerable 2026-06-08 05:33:52.831228 Details available
A heap-based buffer overflow was found in openjpeg in color.c:379:42 in sycc420_to_rgb when decompressing a crafted .j2k file. An attacker could use this to execute arbitrary code with the permissions of the application compiled against openjpeg.
Published: 2022-03-04T17:20:40.000Z
Updated: 2025-11-03T19:25:50.833Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2020-27845 vulnerable 2026-06-08 05:23:53.317237 Details available
There's a flaw in src/lib/openjp2/pi.c of openjpeg in versions prior to 2.4.0. If an attacker is able to provide untrusted input to openjpeg's conversion/encoding functionality, they could cause an out-of-bounds read. The highest impact of this flaw is to application availability.
Published: 2021-01-05T17:44:30.000Z
Updated: 2024-08-04T16:25:43.862Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2020-27844 vulnerable 2026-06-08 05:23:53.316615 Details available
A flaw was found in openjpeg's src/lib/openjp2/t2.c in versions prior to 2.4.0. This flaw allows an attacker to provide crafted input to openjpeg during conversion and encoding, causing an out-of-bounds write. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
Published: 2021-01-05T17:43:49.000Z
Updated: 2024-08-04T16:25:43.677Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2020-27843 vulnerable 2026-06-08 05:23:53.315603 Details available
A flaw was found in OpenJPEG in versions prior to 2.4.0. This flaw allows an attacker to provide specially crafted input to the conversion or encoding functionality, causing an out-of-bounds read. The highest threat from this vulnerability is system availability.
Published: 2021-01-05T17:22:06.000Z
Updated: 2024-08-04T16:25:43.322Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2020-27842 vulnerable 2026-06-08 05:23:53.310276 Details available
There's a flaw in openjpeg's t2 encoder in versions prior to 2.4.0. An attacker who is able to provide crafted input to be processed by openjpeg could cause a null pointer dereference. The highest impact of this flaw is to application availability.
Published: 2021-01-05T17:21:40.000Z
Updated: 2024-08-04T16:25:43.575Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2020-27841 vulnerable 2026-06-08 05:23:53.307162 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2020-27824 vulnerable 2026-06-08 05:23:53.250703 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2020-27823 vulnerable 2026-06-08 05:23:53.249951 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2020-27814 vulnerable 2026-06-08 05:23:53.216915 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.