CVE-2020-27844 - AskarLabs CVE Database

CVE-2020-27844

Vendor N/A

Product openjpeg

Weakness CWE-20 · Input validation

Published January 5, 2021

Last update August 4, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

A flaw was found in openjpeg's src/lib/openjp2/t2.c in versions prior to 2.4.0. This flaw allows an attacker to provide crafted input to openjpeg during conversion and encoding, causing an out-of-bounds write. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

Key dates

02Disclosure timeline

January 5, 2021 CVE published

August 4, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2020-27844 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/20.html

Related vulnerabilities

04Related CVE

CVE-2026-48110 Russh: SSH message fields were decoded through allocation-first parsers before field-specific bounds CVE-2021-36048 XMP Toolkit SDK Improper Input Validation Could Lead To Arbitrary Code Execution CVE-2024-38043 PowerShell Elevation of Privilege Vulnerability CVE-2025-41379 Injection vulnerability in Iridium Certus 700 CVE-2026-34669 CAI Content Credentials | Improper Input Validation (CWE-20)