CVE-2018-7648 - Vulncode-DB

CVE-2018-7648 (NVD)

2018-03-02

An issue was discovered in mj2/opj_mj2_extract.c in OpenJPEG 2.3.0. The output prefix was not checked for length, which could overflow a buffer, when providing a prefix with 50 or more characters on the command line.

Products	Openjpeg
Type	Improper Restriction of Operations within the Bounds of a Memory Buffer (CWE-119)
First patch	https://github.com/kbabioch/openjpeg/commit/6d8c0c06ee32dc03ba80acd48334e98728e56cf5
Patches	https://github.com/uclouvain/openjpeg/commit/cc3824767bde397fedb8a1ae4786a222ba860c8d
Relevant file/s	./src/bin/mj2/opj_mj2_extract.c (modified, +6, -1)
Links	https://github.com/uclouvain/openjpeg/issues/1088

openjpeg - Tree: 6d8c0c06ee

(? files)

Filter Settings

All Files

Relevant Files

Vulnerable Files

Patched Files

Files

VS-Dark VS-Bright Monokai Darcula

Navigation

Patch data:

(on by default)

Patched area: