OSV-2022-416

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/openjpeg/OSV-2022-416.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2022-416
Published
2022-05-19T00:00:17.026619Z
Modified
2022-05-19T00:00:17.026871Z
Summary
Heap-buffer-overflow in opj_t1_allocate_buffers
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=47500

Crash type: Heap-buffer-overflow WRITE {*}
Crash state:
opj_t1_allocate_buffers
opj_t1_clbl_decode_processor
opj_thread_pool_submit_job
References

Affected packages

OSS-Fuzz / openjpeg

Package

Name
openjpeg
Purl
pkg:generic/openjpeg

Affected ranges

Type
GIT
Repo
https://github.com/uclouvain/openjpeg
Events
Introduced
cf90ff0c57ad5b12aa6e227d7202960a5770144d
Fixed
0535bfc3b7d5cd6fc73a7d4a6749a338fc5d7703

Affected versions

v2.*

v2.5.0

Ecosystem specific 

{
    "severity": "HIGH"
}