UBUNTU-CVE-2020-27814
- Source
- https://ubuntu.com/security/CVE-2020-27814
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2020/UBUNTU-CVE-2020-27814.json
- JSON Data
- https://api.osv.dev/v1/vulns/UBUNTU-CVE-2020-27814
- Upstream
- Downstream
- Related
- Published
- 2020-11-30T00:00:00Z
- Modified
- 2025-10-24T04:48:52Z
- Severity
-
- 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
- Ubuntu - medium
- Summary
- [none]
- Details
-
A heap-buffer overflow was found in the way openjpeg2 handled certain PNG format files. An attacker could use this flaw to cause an application crash or in some cases execute arbitrary code with the permission of the user running such an application.
- References
Affected packages
Ubuntu:16.04:LTS
ghostscript
Package
- Name
- ghostscript
- Purl
- pkg:deb/ubuntu/ghostscript@9.26~dfsg+0-0ubuntu0.16.04.14?arch=source&distro=xenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed9.26~dfsg+0-0ubuntu0.16.04.14
Affected versions
9.*
9.16~dfsg~0-0ubuntu3
9.16~dfsg~0-0ubuntu4
9.18~dfsg~0-0ubuntu1
9.18~dfsg~0-0ubuntu2
9.18~dfsg~0-0ubuntu2.2
9.18~dfsg~0-0ubuntu2.3
9.18~dfsg~0-0ubuntu2.4
9.18~dfsg~0-0ubuntu2.6
9.18~dfsg~0-0ubuntu2.7
9.18~dfsg~0-0ubuntu2.8
9.18~dfsg~0-0ubuntu2.9
9.25~dfsg+1-0ubuntu0.16.04.1
9.25~dfsg+1-0ubuntu0.16.04.2
9.25~dfsg+1-0ubuntu0.16.04.3
9.26~dfsg+0-0ubuntu0.16.04.1
9.26~dfsg+0-0ubuntu0.16.04.3
9.26~dfsg+0-0ubuntu0.16.04.4
9.26~dfsg+0-0ubuntu0.16.04.5
9.26~dfsg+0-0ubuntu0.16.04.6
9.26~dfsg+0-0ubuntu0.16.04.7
9.26~dfsg+0-0ubuntu0.16.04.8
9.26~dfsg+0-0ubuntu0.16.04.9
9.26~dfsg+0-0ubuntu0.16.04.10
9.26~dfsg+0-0ubuntu0.16.04.11
9.26~dfsg+0-0ubuntu0.16.04.12
9.26~dfsg+0-0ubuntu0.16.04.13
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"binary_name": "ghostscript",
"binary_version": "9.26~dfsg+0-0ubuntu0.16.04.14"
},
{
"binary_name": "ghostscript-x",
"binary_version": "9.26~dfsg+0-0ubuntu0.16.04.14"
},
{
"binary_name": "libgs-dev",
"binary_version": "9.26~dfsg+0-0ubuntu0.16.04.14"
},
{
"binary_name": "libgs9",
"binary_version": "9.26~dfsg+0-0ubuntu0.16.04.14"
},
{
"binary_name": "libgs9-common",
"binary_version": "9.26~dfsg+0-0ubuntu0.16.04.14"
}
]
}openjpeg2
Package
- Name
- openjpeg2
- Purl
- pkg:deb/ubuntu/openjpeg2@2.1.2-1.1+deb9u6build0.16.04.1?arch=source&distro=xenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.1.2-1.1+deb9u6build0.16.04.1
Affected versions
2.*
2.1.0-2.1
2.1.0-2.1ubuntu0.1
2.1.2-1.1+deb9u2build0.1
2.1.2-1.1+deb9u3build0.16.04.1
2.1.2-1.1+deb9u5build0.16.04.1
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"binary_name": "libopenjp2-7",
"binary_version": "2.1.2-1.1+deb9u6build0.16.04.1"
},
{
"binary_name": "libopenjp2-7-dev",
"binary_version": "2.1.2-1.1+deb9u6build0.16.04.1"
},
{
"binary_name": "libopenjp2-tools",
"binary_version": "2.1.2-1.1+deb9u6build0.16.04.1"
},
{
"binary_name": "libopenjp3d-tools",
"binary_version": "2.1.2-1.1+deb9u6build0.16.04.1"
},
{
"binary_name": "libopenjp3d7",
"binary_version": "2.1.2-1.1+deb9u6build0.16.04.1"
},
{
"binary_name": "libopenjpip-dec-server",
"binary_version": "2.1.2-1.1+deb9u6build0.16.04.1"
},
{
"binary_name": "libopenjpip-server",
"binary_version": "2.1.2-1.1+deb9u6build0.16.04.1"
},
{
"binary_name": "libopenjpip-viewer",
"binary_version": "2.1.2-1.1+deb9u6build0.16.04.1"
},
{
"binary_name": "libopenjpip7",
"binary_version": "2.1.2-1.1+deb9u6build0.16.04.1"
}
]
}Ubuntu:18.04:LTS
ghostscript
Package
- Name
- ghostscript
- Purl
- pkg:deb/ubuntu/ghostscript@9.26~dfsg+0-0ubuntu0.18.04.14?arch=source&distro=bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed9.26~dfsg+0-0ubuntu0.18.04.14
Affected versions
9.*
9.21~dfsg+1-0ubuntu3
9.22~dfsg+1-0ubuntu1
9.22~dfsg+1-0ubuntu1.1
9.22~dfsg+1-0ubuntu1.2
9.25~dfsg+1-0ubuntu0.18.04.1
9.25~dfsg+1-0ubuntu0.18.04.2
9.26~dfsg+0-0ubuntu0.18.04.1
9.26~dfsg+0-0ubuntu0.18.04.3
9.26~dfsg+0-0ubuntu0.18.04.4
9.26~dfsg+0-0ubuntu0.18.04.5
9.26~dfsg+0-0ubuntu0.18.04.6
9.26~dfsg+0-0ubuntu0.18.04.7
9.26~dfsg+0-0ubuntu0.18.04.8
9.26~dfsg+0-0ubuntu0.18.04.9
9.26~dfsg+0-0ubuntu0.18.04.10
9.26~dfsg+0-0ubuntu0.18.04.11
9.26~dfsg+0-0ubuntu0.18.04.12
9.26~dfsg+0-0ubuntu0.18.04.13
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"binary_name": "ghostscript",
"binary_version": "9.26~dfsg+0-0ubuntu0.18.04.14"
},
{
"binary_name": "ghostscript-x",
"binary_version": "9.26~dfsg+0-0ubuntu0.18.04.14"
},
{
"binary_name": "libgs-dev",
"binary_version": "9.26~dfsg+0-0ubuntu0.18.04.14"
},
{
"binary_name": "libgs9",
"binary_version": "9.26~dfsg+0-0ubuntu0.18.04.14"
},
{
"binary_name": "libgs9-common",
"binary_version": "9.26~dfsg+0-0ubuntu0.18.04.14"
}
]
}openjpeg2
Package
- Name
- openjpeg2
- Purl
- pkg:deb/ubuntu/openjpeg2@2.3.0-2+deb10u2build0.18.04.1?arch=source&distro=bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.3.0-2+deb10u2build0.18.04.1
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"binary_name": "libopenjp2-7",
"binary_version": "2.3.0-2+deb10u2build0.18.04.1"
},
{
"binary_name": "libopenjp2-7-dev",
"binary_version": "2.3.0-2+deb10u2build0.18.04.1"
},
{
"binary_name": "libopenjp2-tools",
"binary_version": "2.3.0-2+deb10u2build0.18.04.1"
},
{
"binary_name": "libopenjp3d-tools",
"binary_version": "2.3.0-2+deb10u2build0.18.04.1"
},
{
"binary_name": "libopenjp3d7",
"binary_version": "2.3.0-2+deb10u2build0.18.04.1"
},
{
"binary_name": "libopenjpip-dec-server",
"binary_version": "2.3.0-2+deb10u2build0.18.04.1"
},
{
"binary_name": "libopenjpip-server",
"binary_version": "2.3.0-2+deb10u2build0.18.04.1"
},
{
"binary_name": "libopenjpip-viewer",
"binary_version": "2.3.0-2+deb10u2build0.18.04.1"
},
{
"binary_name": "libopenjpip7",
"binary_version": "2.3.0-2+deb10u2build0.18.04.1"
}
]
}Ubuntu:20.04:LTS
openjpeg2
Package
- Name
- openjpeg2
- Purl
- pkg:deb/ubuntu/openjpeg2@2.3.1-1ubuntu4.20.04.1?arch=source&distro=focal
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.3.1-1ubuntu4.20.04.1
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"binary_name": "libopenjp2-7",
"binary_version": "2.3.1-1ubuntu4.20.04.1"
},
{
"binary_name": "libopenjp2-7-dev",
"binary_version": "2.3.1-1ubuntu4.20.04.1"
},
{
"binary_name": "libopenjp2-tools",
"binary_version": "2.3.1-1ubuntu4.20.04.1"
},
{
"binary_name": "libopenjp3d-tools",
"binary_version": "2.3.1-1ubuntu4.20.04.1"
},
{
"binary_name": "libopenjp3d7",
"binary_version": "2.3.1-1ubuntu4.20.04.1"
},
{
"binary_name": "libopenjpip-dec-server",
"binary_version": "2.3.1-1ubuntu4.20.04.1"
},
{
"binary_name": "libopenjpip-server",
"binary_version": "2.3.1-1ubuntu4.20.04.1"
},
{
"binary_name": "libopenjpip-viewer",
"binary_version": "2.3.1-1ubuntu4.20.04.1"
},
{
"binary_name": "libopenjpip7",
"binary_version": "2.3.1-1ubuntu4.20.04.1"
}
]
}qtwebengine-opensource-src
Package
- Name
- qtwebengine-opensource-src
- Purl
- pkg:deb/ubuntu/qtwebengine-opensource-src@5.12.8+dfsg-0ubuntu1.1?arch=source&distro=focal
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
5.*
5.12.4+dfsg-1ubuntu1
5.12.4+dfsg-1ubuntu3
5.12.5+dfsg-3ubuntu1
5.12.5+dfsg-6ubuntu2
5.12.5+dfsg-7
5.12.5+dfsg-7build1
5.12.8+dfsg-0ubuntu1
5.12.8+dfsg-0ubuntu1.1
Ecosystem specific
{
"binaries": [
{
"binary_name": "libqt5webengine-data",
"binary_version": "5.12.8+dfsg-0ubuntu1.1"
},
{
"binary_name": "libqt5webengine5",
"binary_version": "5.12.8+dfsg-0ubuntu1.1"
},
{
"binary_name": "libqt5webenginecore5",
"binary_version": "5.12.8+dfsg-0ubuntu1.1"
},
{
"binary_name": "libqt5webenginewidgets5",
"binary_version": "5.12.8+dfsg-0ubuntu1.1"
},
{
"binary_name": "qml-module-qtwebengine",
"binary_version": "5.12.8+dfsg-0ubuntu1.1"
},
{
"binary_name": "qtwebengine5-dev",
"binary_version": "5.12.8+dfsg-0ubuntu1.1"
},
{
"binary_name": "qtwebengine5-dev-tools",
"binary_version": "5.12.8+dfsg-0ubuntu1.1"
},
{
"binary_name": "qtwebengine5-doc-html",
"binary_version": "5.12.8+dfsg-0ubuntu1.1"
},
{
"binary_name": "qtwebengine5-examples",
"binary_version": "5.12.8+dfsg-0ubuntu1.1"
},
{
"binary_name": "qtwebengine5-private-dev",
"binary_version": "5.12.8+dfsg-0ubuntu1.1"
}
]
}Ubuntu:22.04:LTS
openjpeg2
Package
- Name
- openjpeg2
- Purl
- pkg:deb/ubuntu/openjpeg2@2.3.1-1ubuntu5?arch=source&distro=jammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.3.1-1ubuntu5
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"binary_name": "libopenjp2-7",
"binary_version": "2.3.1-1ubuntu5"
},
{
"binary_name": "libopenjp2-7-dev",
"binary_version": "2.3.1-1ubuntu5"
},
{
"binary_name": "libopenjp2-tools",
"binary_version": "2.3.1-1ubuntu5"
},
{
"binary_name": "libopenjp3d-tools",
"binary_version": "2.3.1-1ubuntu5"
},
{
"binary_name": "libopenjp3d7",
"binary_version": "2.3.1-1ubuntu5"
},
{
"binary_name": "libopenjpip-dec-server",
"binary_version": "2.3.1-1ubuntu5"
},
{
"binary_name": "libopenjpip-server",
"binary_version": "2.3.1-1ubuntu5"
},
{
"binary_name": "libopenjpip-viewer",
"binary_version": "2.3.1-1ubuntu5"
},
{
"binary_name": "libopenjpip7",
"binary_version": "2.3.1-1ubuntu5"
}
]
}qtwebengine-opensource-src
Package
- Name
- qtwebengine-opensource-src
- Purl
- pkg:deb/ubuntu/qtwebengine-opensource-src@5.15.9+dfsg-1?arch=source&distro=jammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
5.*
5.15.6+dfsg-1
5.15.6+dfsg-2
5.15.7+dfsg-2
5.15.8+dfsg-1
5.15.8+dfsg-1build1
5.15.8+dfsg-1build2
5.15.8+dfsg-2
5.15.9+dfsg-1
Ecosystem specific
{
"binaries": [
{
"binary_name": "libqt5pdf5",
"binary_version": "5.15.9+dfsg-1"
},
{
"binary_name": "libqt5pdfwidgets5",
"binary_version": "5.15.9+dfsg-1"
},
{
"binary_name": "libqt5webengine-data",
"binary_version": "5.15.9+dfsg-1"
},
{
"binary_name": "libqt5webengine5",
"binary_version": "5.15.9+dfsg-1"
},
{
"binary_name": "libqt5webenginecore5",
"binary_version": "5.15.9+dfsg-1"
},
{
"binary_name": "libqt5webenginewidgets5",
"binary_version": "5.15.9+dfsg-1"
},
{
"binary_name": "qml-module-qtquick-pdf",
"binary_version": "5.15.9+dfsg-1"
},
{
"binary_name": "qml-module-qtwebengine",
"binary_version": "5.15.9+dfsg-1"
},
{
"binary_name": "qt5-image-formats-plugin-pdf",
"binary_version": "5.15.9+dfsg-1"
},
{
"binary_name": "qtpdf5-dev",
"binary_version": "5.15.9+dfsg-1"
},
{
"binary_name": "qtpdf5-doc-html",
"binary_version": "5.15.9+dfsg-1"
},
{
"binary_name": "qtpdf5-examples",
"binary_version": "5.15.9+dfsg-1"
},
{
"binary_name": "qtwebengine5-dev",
"binary_version": "5.15.9+dfsg-1"
},
{
"binary_name": "qtwebengine5-dev-tools",
"binary_version": "5.15.9+dfsg-1"
},
{
"binary_name": "qtwebengine5-doc-html",
"binary_version": "5.15.9+dfsg-1"
},
{
"binary_name": "qtwebengine5-examples",
"binary_version": "5.15.9+dfsg-1"
},
{
"binary_name": "qtwebengine5-private-dev",
"binary_version": "5.15.9+dfsg-1"
}
]
}Ubuntu:24.04:LTS
qtwebengine-opensource-src
Package
- Name
- qtwebengine-opensource-src
- Purl
- pkg:deb/ubuntu/qtwebengine-opensource-src@5.15.16+dfsg-3?arch=source&distro=noble
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
5.*
5.15.15+dfsg-2
5.15.15+dfsg-2build2
5.15.15+dfsg-2ubuntu1
5.15.16+dfsg-1
5.15.16+dfsg-1ubuntu2
5.15.16+dfsg-1ubuntu4
5.15.16+dfsg-3
Ecosystem specific
{
"binaries": [
{
"binary_name": "libqt5pdf5",
"binary_version": "5.15.16+dfsg-3"
},
{
"binary_name": "libqt5pdfwidgets5",
"binary_version": "5.15.16+dfsg-3"
},
{
"binary_name": "libqt5webengine-data",
"binary_version": "5.15.16+dfsg-3"
},
{
"binary_name": "libqt5webengine5",
"binary_version": "5.15.16+dfsg-3"
},
{
"binary_name": "libqt5webenginecore5",
"binary_version": "5.15.16+dfsg-3"
},
{
"binary_name": "libqt5webenginewidgets5",
"binary_version": "5.15.16+dfsg-3"
},
{
"binary_name": "qml-module-qtquick-pdf",
"binary_version": "5.15.16+dfsg-3"
},
{
"binary_name": "qml-module-qtwebengine",
"binary_version": "5.15.16+dfsg-3"
},
{
"binary_name": "qt5-image-formats-plugin-pdf",
"binary_version": "5.15.16+dfsg-3"
},
{
"binary_name": "qtpdf5-dev",
"binary_version": "5.15.16+dfsg-3"
},
{
"binary_name": "qtpdf5-doc-html",
"binary_version": "5.15.16+dfsg-3"
},
{
"binary_name": "qtpdf5-examples",
"binary_version": "5.15.16+dfsg-3"
},
{
"binary_name": "qtwebengine5-dev",
"binary_version": "5.15.16+dfsg-3"
},
{
"binary_name": "qtwebengine5-dev-tools",
"binary_version": "5.15.16+dfsg-3"
},
{
"binary_name": "qtwebengine5-doc-html",
"binary_version": "5.15.16+dfsg-3"
},
{
"binary_name": "qtwebengine5-examples",
"binary_version": "5.15.16+dfsg-3"
},
{
"binary_name": "qtwebengine5-private-dev",
"binary_version": "5.15.16+dfsg-3"
}
]
}Ubuntu:25.04
qtwebengine-opensource-src
Package
- Name
- qtwebengine-opensource-src
- Purl
- pkg:deb/ubuntu/qtwebengine-opensource-src@5.15.18+dfsg-2?arch=source&distro=plucky
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
5.*
5.15.17+dfsg-4
5.15.17+dfsg-5
5.15.17+dfsg2-1
5.15.17+dfsg2-2
5.15.17+dfsg2-3
5.15.18+dfsg-1
5.15.18+dfsg-2
Ecosystem specific
{
"binaries": [
{
"binary_name": "libqt5pdf5",
"binary_version": "5.15.18+dfsg-2"
},
{
"binary_name": "libqt5pdfwidgets5",
"binary_version": "5.15.18+dfsg-2"
},
{
"binary_name": "libqt5webengine-data",
"binary_version": "5.15.18+dfsg-2"
},
{
"binary_name": "libqt5webengine5",
"binary_version": "5.15.18+dfsg-2"
},
{
"binary_name": "libqt5webenginecore5",
"binary_version": "5.15.18+dfsg-2"
},
{
"binary_name": "libqt5webenginewidgets5",
"binary_version": "5.15.18+dfsg-2"
},
{
"binary_name": "qml-module-qtquick-pdf",
"binary_version": "5.15.18+dfsg-2"
},
{
"binary_name": "qml-module-qtwebengine",
"binary_version": "5.15.18+dfsg-2"
},
{
"binary_name": "qt5-image-formats-plugin-pdf",
"binary_version": "5.15.18+dfsg-2"
},
{
"binary_name": "qtpdf5-dev",
"binary_version": "5.15.18+dfsg-2"
},
{
"binary_name": "qtpdf5-doc-html",
"binary_version": "5.15.18+dfsg-2"
},
{
"binary_name": "qtpdf5-examples",
"binary_version": "5.15.18+dfsg-2"
},
{
"binary_name": "qtwebengine5-dev",
"binary_version": "5.15.18+dfsg-2"
},
{
"binary_name": "qtwebengine5-dev-tools",
"binary_version": "5.15.18+dfsg-2"
},
{
"binary_name": "qtwebengine5-doc-html",
"binary_version": "5.15.18+dfsg-2"
},
{
"binary_name": "qtwebengine5-examples",
"binary_version": "5.15.18+dfsg-2"
},
{
"binary_name": "qtwebengine5-private-dev",
"binary_version": "5.15.18+dfsg-2"
}
]
}Ubuntu:25.10
qtwebengine-opensource-src
Package
- Name
- qtwebengine-opensource-src
- Purl
- pkg:deb/ubuntu/qtwebengine-opensource-src@5.15.19+dfsg2-1?arch=source&distro=questing
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ecosystem specific
{
"binaries": [
{
"binary_name": "libqt5pdf5",
"binary_version": "5.15.19+dfsg2-1"
},
{
"binary_name": "libqt5pdfwidgets5",
"binary_version": "5.15.19+dfsg2-1"
},
{
"binary_name": "libqt5webengine-data",
"binary_version": "5.15.19+dfsg2-1"
},
{
"binary_name": "libqt5webengine5",
"binary_version": "5.15.19+dfsg2-1"
},
{
"binary_name": "libqt5webenginecore5",
"binary_version": "5.15.19+dfsg2-1"
},
{
"binary_name": "libqt5webenginewidgets5",
"binary_version": "5.15.19+dfsg2-1"
},
{
"binary_name": "qml-module-qtquick-pdf",
"binary_version": "5.15.19+dfsg2-1"
},
{
"binary_name": "qml-module-qtwebengine",
"binary_version": "5.15.19+dfsg2-1"
},
{
"binary_name": "qt5-image-formats-plugin-pdf",
"binary_version": "5.15.19+dfsg2-1"
},
{
"binary_name": "qtpdf5-dev",
"binary_version": "5.15.19+dfsg2-1"
},
{
"binary_name": "qtpdf5-doc-html",
"binary_version": "5.15.19+dfsg2-1"
},
{
"binary_name": "qtpdf5-examples",
"binary_version": "5.15.19+dfsg2-1"
},
{
"binary_name": "qtwebengine5-dev",
"binary_version": "5.15.19+dfsg2-1"
},
{
"binary_name": "qtwebengine5-dev-tools",
"binary_version": "5.15.19+dfsg2-1"
},
{
"binary_name": "qtwebengine5-doc-html",
"binary_version": "5.15.19+dfsg2-1"
},
{
"binary_name": "qtwebengine5-examples",
"binary_version": "5.15.19+dfsg2-1"
},
{
"binary_name": "qtwebengine5-private-dev",
"binary_version": "5.15.19+dfsg2-1"
}
]
}