OSV-2024-1279

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/openjpeg/OSV-2024-1279.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2024-1279
Published
2024-11-05T00:12:57.052133Z
Modified
2024-11-05T00:12:57.052585Z
Summary
Heap-buffer-overflow in opj_j2k_read_tile_header
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=42538309

Crash type: Heap-buffer-overflow WRITE 8
Crash state:
opj_j2k_read_tile_header
opj_j2k_decode_tiles
opj_j2k_decode
References

Affected packages

OSS-Fuzz / openjpeg

Package

Name
openjpeg
Purl
pkg:generic/openjpeg

Affected ranges

Type
GIT
Repo
https://github.com/uclouvain/openjpeg
Events
Introduced
954c6e3cb9d79aaa08c6666373d2bfa04f89ead1
Fixed
a1a56ff93961b6fd6d76e17d3c5106614d8c3ce7

Ecosystem specific 

{
    "severity": "HIGH"
}

Database specific

fixed_range 
"05de3bfdfed79f4e56d041bb970c5ec4f4c84716:a1a56ff93961b6fd6d76e17d3c5106614d8c3ce7"
source 
"https://github.com/google/oss-fuzz-vulns/blob/main/vulns/openjpeg/OSV-2024-1279.yaml"
introduced_range 
"5005a350a78d1918e98e970457a8316a23c50e19:d153c61e6fad0e1365125433e2db48661ec41ab5"