CVE-2022-1122: CVE-2022-1122

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2022-1122

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

A flaw was found in the opj2_decompress program in openjpeg2 2.4.0 in the way it handles an input directory with a large number of files. When it fails to allocate a buffer to store the filenames of the input directory, it calls free() on an uninitialized pointer, leading to a segmentation fault and a denial of service.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

初始化不恰当

Source: NVD (National Vulnerability Database)

Vulnerability Title

OpenJPEG 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

OpenJPEG是一款基于C语言的开源JPEG2000编码解码器。 OpenJPEG 2.4.0版本存在安全漏洞，该漏洞源于opj2_decompress程序当它未能分配缓冲区来存储输入目录的文件名时，它会在未初始化的指针上调用free()，从而导致分段错误和拒绝服务。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	openjpeg2	openjpeg2 version 2.4.0 and prior	-

II. Public POCs for CVE-2022-1122

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2022-1122

Please Login to view more intelligence information

https://github.com/uclouvain/openjpeg/issues/1368x_refsource_MISC
https://security.gentoo.org/glsa/202209-04vendor-advisoryx_refsource_GENTOO
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MIWSQFQWXDU4MT3XTVAO6HC7TVL3NHS7/vendor-advisoryx_refsource_FEDORA
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RMKBAMK2CAM5TMC5TODKVCE5AAPTD5YV/vendor-advisoryx_refsource_FEDORA
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ROSN5NRUFOH7HGLJ4ZSKPGAKLFXJALW4/vendor-advisoryx_refsource_FEDORA
https://lists.debian.org/debian-lts-announce/2022/04/msg00006.htmlmailing-listx_refsource_MLIST
https://nvd.nist.gov/vuln/detail/CVE-2022-1122

New Vulnerabilities

Product: openjpeg2

Vendor: n/a

Same weakness: CWE-665

V. Comments for CVE-2022-1122

No comments yet

Support Us — Your donation helps us keep running

I. Basic Information for CVE-2022-1122

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2022-1122

III. Intelligence Information for CVE-2022-1122

New Vulnerabilities

V. Comments for CVE-2022-1122

Leave a comment