VDB
WID-SEC-W-2022-1880
WID-SEC-W-2022-1880
PUBLISHED
CVSS 9.300000190734863 CRITICAL
Die OpenJPEG Bibliothek ist ein in C geschriebener Open Source JPEG 2000 Codec.
Risk Scores
CVSS v4.0
9.300000190734863
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian Linux | ||
| SUSE Linux | ||
| Amazon Linux 2 | ||
| Ubuntu Linux | ||
| Open Source OpenJPEG < 2.4.0 | ||
| Red Hat Enterprise Linux |
Exploit Intelligence
- pazhanivel07/openjpeg-2.3.0_CVE-2020-27824 (github-poc)
- https://alas.aws.amazon.com/AL2/ALAS-2022-1741.html (circl)
- https://ubuntu.com/security/notices/USN-5952-1 (circl)
- https://www.debian.org/security/2021/dsa-4882 (circl)
- https://github.com/uclouvain/openjpeg/blob/v2.4.0/CHANGELOG.md (circl)
- https://ubuntu.com/security/notices/USN-4685-1 (circl)
- https://ubuntu.com/security/notices/USN-4686-1 (circl)
- https://lists.debian.org/debian-lts-announce/2021/02/msg00011.html (circl)
- https://ubuntu.com/security/notices/USN-4880-1 (circl)
- https://wid.cert-bund.de/.well-known/csaf/white/2020/wid-sec-w-2022-1880.json (circl)
…and 11 more exploits
Timeline
- Dec 29, 2020 CVE Published
- Mar 15, 2023 CVE Updated
- Apr 3, 2026 Distribution Patch
- Apr 3, 2026 Distribution Patch
- Apr 3, 2026 Distribution Patch
- Apr 3, 2026 Distribution Patch
- Apr 3, 2026 Distribution Patch
- Apr 3, 2026 Distribution Patch
References
- https://wid.cert-bund.de/.well-known/csaf/white/2020/wid-sec-w-2022-1880.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-1880 advisory
- https://ubuntu.com/security/notices/USN-5952-1 url
- https://www.debian.org/security/2021/dsa-4882 url
- https://github.com/uclouvain/openjpeg/blob/v2.4.0/CHANGELOG.md url
- https://ubuntu.com/security/notices/USN-4685-1 url
- https://ubuntu.com/security/notices/USN-4686-1 url
- https://lists.debian.org/debian-lts-announce/2021/02/msg00011.html url
- https://ubuntu.com/security/notices/USN-4880-1 url
- https://access.redhat.com/errata/RHSA-2021:4251 url
- https://alas.aws.amazon.com/AL2/ALAS-2022-1741.html url
- https://lists.suse.com/pipermail/sle-security-updates/2022-April/010666.html url
- https://lists.debian.org/debian-lts-announce/2022/04/msg00006.html url
- https://lists.suse.com/pipermail/sle-security-updates/2022-April/010745.html url
- https://lists.suse.com/pipermail/sle-security-updates/2022-April/010791.html url
- https://lists.suse.com/pipermail/sle-security-updates/2022-October/012730.html url
- https://lists.suse.com/pipermail/sle-security-updates/2022-October/012731.html url
- https://lists.suse.com/pipermail/sle-security-updates/2022-November/012995.html url