jbig2imagecompose in jbig2_image.c in Artifex jbig2dec before 0.18 has a heap-based buffer overflow.
{ "vanir_signatures": [ { "id": "CVE-2020-12268-924c29ab", "signature_type": "Function", "target": { "file": "jbig2_image.c", "function": "jbig2_image_compose" }, "deprecated": false, "digest": { "length": 2314.0, "function_hash": "155900799814058220493720912559208313050" }, "signature_version": "v1", "source": "https://github.com/artifexsoftware/jbig2dec/commit/0726320a4b55078e9d8deb590e477d598b3da66e" }, { "id": "CVE-2020-12268-c0987598", "signature_type": "Line", "target": { "file": "jbig2_image.c" }, "deprecated": false, "digest": { "line_hashes": [ "61396668555749811848068125231363856132", "252418362158374979476010566018152555753", "246957501170545357834171659149094779928", "165385627614570169697733398513774003925", "234582650076415910176916236025065889186", "220260793454758799366951002293607683045", "110233043273871289438074883028102066942" ], "threshold": 0.9 }, "signature_version": "v1", "source": "https://github.com/artifexsoftware/jbig2dec/commit/0726320a4b55078e9d8deb590e477d598b3da66e" } ] }