{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-29T18:03:22.749","vulnerabilities":[{"cve":{"id":"CVE-2020-27814","sourceIdentifier":"secalert@redhat.com","published":"2021-01-26T18:15:46.613","lastModified":"2024-11-21T05:21:51.817","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A heap-buffer overflow was found in the way openjpeg2 handled certain PNG format files. An attacker could use this flaw to cause an application crash or in some cases execute arbitrary code with the permission of the user running such an application."},{"lang":"es","value":"Se encontró un desbordamiento del búfer en la manera en que openjpeg2 manejaba determinados archivos en formato PNG. Un atacante podría usar este fallo para causar el bloqueo de una aplicación o, en algunos casos, ejecutar código arbitrario con el permiso del usuario que ejecuta dicha aplicación"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","baseScore":6.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-122"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:uclouvain:openjpeg:*:*:*:*:*:*:*:*","versionEndIncluding":"1.5.1","matchCriteriaId":"3BF1502F-A671-401F-878A-46E9EA7FF019"},{"vulnerable":true,"criteria":"cpe:2.3:a:uclouvain:openjpeg:*:*:*:*:*:*:*:*","versionStartIncluding":"2.0.0","versionEndExcluding":"2.4.0","matchCriteriaId":"94168F56-A0BD-4B60-BE24-BFA39A72DABE"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","matchCriteriaId":"DEECE5FC-CACF-4496-A3E7-164736409252"},{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*","matchCriteriaId":"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"}]}]}],"references":[{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1901998","source":"secalert@redhat.com","tags":["Issue Tracking","Patch","Third Party Advisory"]},{"url":"https://github.com/uclouvain/openjpeg/issues/1283","source":"secalert@redhat.com","tags":["Exploit","Issue Tracking","Third Party Advisory"]},{"url":"https://lists.debian.org/debian-lts-announce/2021/02/msg00011.html","source":"secalert@redhat.com","tags":["Mailing List","Third Party Advisory"]},{"url":"https://security.gentoo.org/glsa/202101-29","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://www.debian.org/security/2021/dsa-4882","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://www.oracle.com//security-alerts/cpujul2021.html","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1901998","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Patch","Third Party Advisory"]},{"url":"https://github.com/uclouvain/openjpeg/issues/1283","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Third Party Advisory"]},{"url":"https://lists.debian.org/debian-lts-announce/2021/02/msg00011.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]},{"url":"https://security.gentoo.org/glsa/202101-29","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.debian.org/security/2021/dsa-4882","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.oracle.com//security-alerts/cpujul2021.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}