oss-sec mailing list archives
CVE Request : Use-after-free in openjpeg
From: FEIST Josselin <josselin.feist () gmail com>
Date: Tue, 15 Sep 2015 17:33:55 +0200
Hi, Use-after-free was found in openjpeg (https://github.com/uclouvain/openjpeg). The vuln is fixed in version 2.1.1 and was located in opj_j2k_write_mco function. More details are available here : https://github.com/uclouvain/openjpeg/issues/563. Is it possible to get a CVE for this ? Credit goes to the static analyzer Gueb. Best regards, Feist Josselin / //Timeline :// //14 August : use-after-free found and reported // //6 September : use-after-free fixed/
Current thread:
- CVE Request : Use-after-free in openjpeg FEIST Josselin (Sep 15)