CVE-2023-39328

Openjpeg: denail of service via crafted image file

Published: 7/9/2024 Last updated: 11/20/2025 Reserved: 7/27/2023

A vulnerability was found in OpenJPEG similar to CVE-2019-6988. This flaw allows an attacker to bypass existing protections and cause an application crash through a maliciously crafted file.

CNA assigner: redhat (53f830b8-0a3f-465b-8143-3b8a9948e749) Requested by: n/a

Metrics

Version	Score	Severity	Vector String
3.1	5.5	Medium	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Opam packages affected (1)

grib

Products affected (15)

Product	Vendor	Version
Red Hat Enterprise Linux 8	Red Hat	n/a
Red Hat Enterprise Linux 8	Red Hat	n/a
Red Hat Enterprise Linux 8	Red Hat	n/a
Red Hat Enterprise Linux 8	Red Hat	Android kernel
		19.2.099
Red Hat Enterprise Linux 7	Red Hat	n/a
Red Hat Enterprise Linux 6	Red Hat	n/a
		n/a
Red Hat Enterprise Linux 7	Red Hat	<= 1.13.0
Red Hat Enterprise Linux 6	Red Hat	n/a
Red Hat Enterprise Linux 9	Red Hat	20.6.1
Red Hat Enterprise Linux 7	Red Hat	NZXT CAM 4.8.0
Red Hat Enterprise Linux 8	Red Hat	<= 1.0.6
Red Hat Enterprise Linux 9	Red Hat	n/a
Red Hat Enterprise Linux 7	Red Hat	20.1.3

CVE-2023-39328

Openjpeg: denail of service via crafted image file

Metrics

Opam packages affected (1)

Products affected (15)

References (8)