Note:
This project will be discontinued after December 13, 2021. [more]
2019-01-28
An issue was discovered in OpenJPEG 2.3.0. It allows remote attackers to cause a denial of service (attempted excessive memory allocation) in opj_calloc in openjp2/opj_malloc.c, when called from opj_tcd_init_tile in openjp2/tcd.c, as demonstrated by the 64-bit opj_decompress.
Products | Openjpeg |
Type | Uncontrolled Resource Consumption (CWE-400) |
First patch | - None (likely due to unavailable code) |
Links |
• https://github.com/uclouvain/openjpeg/issues/1178
• http://www.securityfocus.com/bid/106785 |