jp2/opj_decompress.c in OpenJPEG... CVE-2020-15389

- AV AC AU C I A
发布: 2020-06-29
修订: 2020-07-11

jp2/opj_decompress.c in OpenJPEG through 2.3.1 has a use-after-free that can be triggered if there is a mix of valid and invalid files in a directory operated on by the decompressor. Triggering a double-free may also be possible. This is related to calling opj_image_destroy twice.

0%
暂无可用Exp或PoC
产品及版本信息(CPE)暂不可用