OSV-2023-444

Import Source

JSON Data

https://api.osv.dev/v1/vulns/OSV-2023-444

Published

2023-05-31T14:02:00.753503Z

Modified

2026-06-03T14:25:46.970972Z

Summary

Heap-buffer-overflow in opj_jp2_apply_pclr

Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=59450

Crash type: Heap-buffer-overflow READ 4
Crash state:
opj_jp2_apply_pclr
opj_jp2_decode
cv::detail::Jpeg2KOpjDecoderBase::readData

References

Affected packages

3.*

3.4.20

4.*

4.10.0

4.11.0

4.12.0

4.13.0

4.8.0

4.8.1

4.9.0

5.*

5.0.0-alpha

{
    "severity": "MEDIUM"
}

source

"https://github.com/google/oss-fuzz-vulns/blob/main/vulns/opencv/OSV-2023-444.yaml"

introduced_range

"67e0ed93a938714e14d048e84a227465a98d2706:6ad77b23193bdf7e40db83e6077789284ac08781"