Vulnerability CVE-2020-15389


Published: 2020-06-29

Description:
jp2/opj_decompress.c in OpenJPEG through 2.3.1 has a use-after-free that can be triggered if there is a mix of valid and invalid files in a directory operated on by the decompressor. Triggering a double-free may also be possible. This is related to calling opj_image_destroy twice.

 References:
https://github.com/uclouvain/openjpeg/issues/1261

Copyright 2020, cxsecurity.com

 

Back to Top