UBUNTU-CVE-2020-27823
- Source
- https://ubuntu.com/security/CVE-2020-27823
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2020/UBUNTU-CVE-2020-27823.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/UBUNTU-CVE-2020-27823
- Related
- Published
- 2020-12-09T00:00:00Z
- Modified
- 2025-06-03T17:34:43Z
- Severity
-
- 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
A flaw was found in OpenJPEG’s encoder. This flaw allows an attacker to pass specially crafted x,y offset input to OpenJPEG to use during encoding. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
- References
Affected packages
Ubuntu:16.04:LTS / openjpeg2
Package
- Name
- openjpeg2
- Purl
- pkg:deb/ubuntu/openjpeg2@2.1.2-1.1+deb9u6build0.16.04.1?arch=source&distro=xenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.1.2-1.1+deb9u6build0.16.04.1
Affected versions
2.*
2.1.0-2.1
2.1.0-2.1ubuntu0.1
2.1.2-1.1+deb9u2build0.1
2.1.2-1.1+deb9u3build0.16.04.1
2.1.2-1.1+deb9u5build0.16.04.1
Ecosystem specific
{
"ubuntu_priority": "medium",
"availability": "No subscription required",
"binaries": [
{
"binary_name": "libopenjp2-7",
"binary_version": "2.1.2-1.1+deb9u6build0.16.04.1"
},
{
"binary_name": "libopenjp2-7-dbg",
"binary_version": "2.1.2-1.1+deb9u6build0.16.04.1"
},
{
"binary_name": "libopenjp2-7-dbgsym",
"binary_version": "2.1.2-1.1+deb9u6build0.16.04.1"
},
{
"binary_name": "libopenjp2-7-dev",
"binary_version": "2.1.2-1.1+deb9u6build0.16.04.1"
},
{
"binary_name": "libopenjp2-7-dev-dbgsym",
"binary_version": "2.1.2-1.1+deb9u6build0.16.04.1"
},
{
"binary_name": "libopenjp2-tools",
"binary_version": "2.1.2-1.1+deb9u6build0.16.04.1"
},
{
"binary_name": "libopenjp2-tools-dbgsym",
"binary_version": "2.1.2-1.1+deb9u6build0.16.04.1"
},
{
"binary_name": "libopenjp3d-tools",
"binary_version": "2.1.2-1.1+deb9u6build0.16.04.1"
},
{
"binary_name": "libopenjp3d-tools-dbgsym",
"binary_version": "2.1.2-1.1+deb9u6build0.16.04.1"
},
{
"binary_name": "libopenjp3d7",
"binary_version": "2.1.2-1.1+deb9u6build0.16.04.1"
},
{
"binary_name": "libopenjp3d7-dbgsym",
"binary_version": "2.1.2-1.1+deb9u6build0.16.04.1"
},
{
"binary_name": "libopenjpip-dec-server",
"binary_version": "2.1.2-1.1+deb9u6build0.16.04.1"
},
{
"binary_name": "libopenjpip-dec-server-dbgsym",
"binary_version": "2.1.2-1.1+deb9u6build0.16.04.1"
},
{
"binary_name": "libopenjpip-server",
"binary_version": "2.1.2-1.1+deb9u6build0.16.04.1"
},
{
"binary_name": "libopenjpip-server-dbgsym",
"binary_version": "2.1.2-1.1+deb9u6build0.16.04.1"
},
{
"binary_name": "libopenjpip-viewer",
"binary_version": "2.1.2-1.1+deb9u6build0.16.04.1"
},
{
"binary_name": "libopenjpip7",
"binary_version": "2.1.2-1.1+deb9u6build0.16.04.1"
},
{
"binary_name": "libopenjpip7-dbgsym",
"binary_version": "2.1.2-1.1+deb9u6build0.16.04.1"
}
]
}
Ubuntu:Pro:16.04:LTS / blender
Package
- Name
- blender
- Purl
- pkg:deb/ubuntu/blender@2.76.b+dfsg0-3build1?arch=source&distro=esm-apps/xenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ubuntu:Pro:16.04:LTS / insighttoolkit4
Package
- Name
- insighttoolkit4
- Purl
- pkg:deb/ubuntu/insighttoolkit4@4.9.0-4ubuntu1.1?arch=source&distro=esm-apps/xenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ubuntu:Pro:16.04:LTS / texmaker
Package
- Name
- texmaker
- Purl
- pkg:deb/ubuntu/texmaker@4.4.1-1.1?arch=source&distro=esm-apps/xenial
Ubuntu:18.04:LTS / openjpeg2
Package
- Name
- openjpeg2
- Purl
- pkg:deb/ubuntu/openjpeg2@2.3.0-2+deb10u2build0.18.04.1?arch=source&distro=bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.3.0-2+deb10u2build0.18.04.1
Ecosystem specific
{
"ubuntu_priority": "medium",
"availability": "No subscription required",
"binaries": [
{
"binary_name": "libopenjp2-7",
"binary_version": "2.3.0-2+deb10u2build0.18.04.1"
},
{
"binary_name": "libopenjp2-7-dbgsym",
"binary_version": "2.3.0-2+deb10u2build0.18.04.1"
},
{
"binary_name": "libopenjp2-7-dev",
"binary_version": "2.3.0-2+deb10u2build0.18.04.1"
},
{
"binary_name": "libopenjp2-tools",
"binary_version": "2.3.0-2+deb10u2build0.18.04.1"
},
{
"binary_name": "libopenjp2-tools-dbgsym",
"binary_version": "2.3.0-2+deb10u2build0.18.04.1"
},
{
"binary_name": "libopenjp3d-tools",
"binary_version": "2.3.0-2+deb10u2build0.18.04.1"
},
{
"binary_name": "libopenjp3d-tools-dbgsym",
"binary_version": "2.3.0-2+deb10u2build0.18.04.1"
},
{
"binary_name": "libopenjp3d7",
"binary_version": "2.3.0-2+deb10u2build0.18.04.1"
},
{
"binary_name": "libopenjp3d7-dbgsym",
"binary_version": "2.3.0-2+deb10u2build0.18.04.1"
},
{
"binary_name": "libopenjpip-dec-server",
"binary_version": "2.3.0-2+deb10u2build0.18.04.1"
},
{
"binary_name": "libopenjpip-dec-server-dbgsym",
"binary_version": "2.3.0-2+deb10u2build0.18.04.1"
},
{
"binary_name": "libopenjpip-server",
"binary_version": "2.3.0-2+deb10u2build0.18.04.1"
},
{
"binary_name": "libopenjpip-server-dbgsym",
"binary_version": "2.3.0-2+deb10u2build0.18.04.1"
},
{
"binary_name": "libopenjpip-viewer",
"binary_version": "2.3.0-2+deb10u2build0.18.04.1"
},
{
"binary_name": "libopenjpip7",
"binary_version": "2.3.0-2+deb10u2build0.18.04.1"
},
{
"binary_name": "libopenjpip7-dbgsym",
"binary_version": "2.3.0-2+deb10u2build0.18.04.1"
}
]
}
Ubuntu:Pro:18.04:LTS / blender
Package
- Name
- blender
- Purl
- pkg:deb/ubuntu/blender@2.79.b+dfsg0-1ubuntu1.18.04.1?arch=source&distro=esm-apps/bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ubuntu:Pro:18.04:LTS / insighttoolkit4
Package
- Name
- insighttoolkit4
- Purl
- pkg:deb/ubuntu/insighttoolkit4@4.12.2-dfsg1-1ubuntu1?arch=source&distro=esm-apps/bionic
Ubuntu:Pro:18.04:LTS / qtwebengine-opensource-src
Package
- Name
- qtwebengine-opensource-src
- Purl
- pkg:deb/ubuntu/qtwebengine-opensource-src@5.9.5+dfsg-0ubuntu2?arch=source&distro=esm-apps/bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ubuntu:Pro:18.04:LTS / texmaker
Package
- Name
- texmaker
- Purl
- pkg:deb/ubuntu/texmaker@5.0.2-1build2?arch=source&distro=esm-apps/bionic
Ubuntu:20.04:LTS / openjpeg2
Package
- Name
- openjpeg2
- Purl
- pkg:deb/ubuntu/openjpeg2@2.3.1-1ubuntu4.20.04.1?arch=source&distro=focal
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.3.1-1ubuntu4.20.04.1
Ecosystem specific
{
"ubuntu_priority": "medium",
"availability": "No subscription required",
"binaries": [
{
"binary_name": "libopenjp2-7",
"binary_version": "2.3.1-1ubuntu4.20.04.1"
},
{
"binary_name": "libopenjp2-7-dbgsym",
"binary_version": "2.3.1-1ubuntu4.20.04.1"
},
{
"binary_name": "libopenjp2-7-dev",
"binary_version": "2.3.1-1ubuntu4.20.04.1"
},
{
"binary_name": "libopenjp2-tools",
"binary_version": "2.3.1-1ubuntu4.20.04.1"
},
{
"binary_name": "libopenjp2-tools-dbgsym",
"binary_version": "2.3.1-1ubuntu4.20.04.1"
},
{
"binary_name": "libopenjp3d-tools",
"binary_version": "2.3.1-1ubuntu4.20.04.1"
},
{
"binary_name": "libopenjp3d-tools-dbgsym",
"binary_version": "2.3.1-1ubuntu4.20.04.1"
},
{
"binary_name": "libopenjp3d7",
"binary_version": "2.3.1-1ubuntu4.20.04.1"
},
{
"binary_name": "libopenjp3d7-dbgsym",
"binary_version": "2.3.1-1ubuntu4.20.04.1"
},
{
"binary_name": "libopenjpip-dec-server",
"binary_version": "2.3.1-1ubuntu4.20.04.1"
},
{
"binary_name": "libopenjpip-dec-server-dbgsym",
"binary_version": "2.3.1-1ubuntu4.20.04.1"
},
{
"binary_name": "libopenjpip-server",
"binary_version": "2.3.1-1ubuntu4.20.04.1"
},
{
"binary_name": "libopenjpip-server-dbgsym",
"binary_version": "2.3.1-1ubuntu4.20.04.1"
},
{
"binary_name": "libopenjpip-viewer",
"binary_version": "2.3.1-1ubuntu4.20.04.1"
},
{
"binary_name": "libopenjpip7",
"binary_version": "2.3.1-1ubuntu4.20.04.1"
},
{
"binary_name": "libopenjpip7-dbgsym",
"binary_version": "2.3.1-1ubuntu4.20.04.1"
}
]
}
Ubuntu:Pro:20.04:LTS / blender
Package
- Name
- blender
- Purl
- pkg:deb/ubuntu/blender@2.82.a+dfsg-1?arch=source&distro=esm-apps/focal
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ubuntu:Pro:20.04:LTS / insighttoolkit4
Package
- Name
- insighttoolkit4
- Purl
- pkg:deb/ubuntu/insighttoolkit4@4.13.2-dfsg1-8?arch=source&distro=esm-apps/focal
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ubuntu:Pro:20.04:LTS / qtwebengine-opensource-src
Package
- Name
- qtwebengine-opensource-src
- Purl
- pkg:deb/ubuntu/qtwebengine-opensource-src@5.12.8+dfsg-0ubuntu1.1?arch=source&distro=esm-apps/focal
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ubuntu:Pro:20.04:LTS / texmaker
Package
- Name
- texmaker
- Purl
- pkg:deb/ubuntu/texmaker@5.0.3-1build5?arch=source&distro=esm-apps/focal
Ubuntu:22.04:LTS / blender
Package
- Name
- blender
- Purl
- pkg:deb/ubuntu/blender@3.0.1+dfsg-7?arch=source&distro=jammy
Ubuntu:22.04:LTS / insighttoolkit4
Package
- Name
- insighttoolkit4
- Purl
- pkg:deb/ubuntu/insighttoolkit4@4.13.3withdata-dfsg2-1ubuntu1?arch=source&distro=jammy
Ubuntu:22.04:LTS / openjpeg2
Package
- Name
- openjpeg2
- Purl
- pkg:deb/ubuntu/openjpeg2@2.3.1-1ubuntu5?arch=source&distro=jammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.3.1-1ubuntu5
Ecosystem specific
{
"ubuntu_priority": "medium",
"availability": "No subscription required",
"binaries": [
{
"binary_name": "libopenjp2-7",
"binary_version": "2.3.1-1ubuntu5"
},
{
"binary_name": "libopenjp2-7-dbgsym",
"binary_version": "2.3.1-1ubuntu5"
},
{
"binary_name": "libopenjp2-7-dev",
"binary_version": "2.3.1-1ubuntu5"
},
{
"binary_name": "libopenjp2-tools",
"binary_version": "2.3.1-1ubuntu5"
},
{
"binary_name": "libopenjp2-tools-dbgsym",
"binary_version": "2.3.1-1ubuntu5"
},
{
"binary_name": "libopenjp3d-tools",
"binary_version": "2.3.1-1ubuntu5"
},
{
"binary_name": "libopenjp3d-tools-dbgsym",
"binary_version": "2.3.1-1ubuntu5"
},
{
"binary_name": "libopenjp3d7",
"binary_version": "2.3.1-1ubuntu5"
},
{
"binary_name": "libopenjp3d7-dbgsym",
"binary_version": "2.3.1-1ubuntu5"
},
{
"binary_name": "libopenjpip-dec-server",
"binary_version": "2.3.1-1ubuntu5"
},
{
"binary_name": "libopenjpip-dec-server-dbgsym",
"binary_version": "2.3.1-1ubuntu5"
},
{
"binary_name": "libopenjpip-server",
"binary_version": "2.3.1-1ubuntu5"
},
{
"binary_name": "libopenjpip-server-dbgsym",
"binary_version": "2.3.1-1ubuntu5"
},
{
"binary_name": "libopenjpip-viewer",
"binary_version": "2.3.1-1ubuntu5"
},
{
"binary_name": "libopenjpip7",
"binary_version": "2.3.1-1ubuntu5"
},
{
"binary_name": "libopenjpip7-dbgsym",
"binary_version": "2.3.1-1ubuntu5"
}
]
}
Ubuntu:22.04:LTS / qtwebengine-opensource-src
Package
- Name
- qtwebengine-opensource-src
- Purl
- pkg:deb/ubuntu/qtwebengine-opensource-src@5.15.9+dfsg-1?arch=source&distro=jammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ubuntu:22.04:LTS / texmaker
Package
- Name
- texmaker
- Purl
- pkg:deb/ubuntu/texmaker@5.0.3-1build9?arch=source&distro=jammy
Ubuntu:24.10 / blender
Package
- Name
- blender
- Purl
- pkg:deb/ubuntu/blender@4.2.1+dfsg-1?arch=source&distro=oracular
Ubuntu:24.10 / qtwebengine-opensource-src
Package
- Name
- qtwebengine-opensource-src
- Purl
- pkg:deb/ubuntu/qtwebengine-opensource-src@5.15.17+dfsg-4?arch=source&distro=oracular
Ubuntu:24.10 / texmaker
Package
- Name
- texmaker
- Purl
- pkg:deb/ubuntu/texmaker@5.1.3+dfsg-2build1?arch=source&distro=oracular
Ubuntu:24.04:LTS / blender
Package
- Name
- blender
- Purl
- pkg:deb/ubuntu/blender@4.0.2+dfsg-1ubuntu8?arch=source&distro=noble
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ubuntu:24.04:LTS / qtwebengine-opensource-src
Package
- Name
- qtwebengine-opensource-src
- Purl
- pkg:deb/ubuntu/qtwebengine-opensource-src@5.15.16+dfsg-3?arch=source&distro=noble
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ubuntu:24.04:LTS / texmaker
Package
- Name
- texmaker
- Purl
- pkg:deb/ubuntu/texmaker@5.1.3+dfsg-1build8?arch=source&distro=noble
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ubuntu:25.04 / blender
Package
- Name
- blender
- Purl
- pkg:deb/ubuntu/blender@4.3.2+dfsg-2?arch=source&distro=plucky
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ubuntu:25.04 / qtwebengine-opensource-src
Package
- Name
- qtwebengine-opensource-src
- Purl
- pkg:deb/ubuntu/qtwebengine-opensource-src@5.15.18+dfsg-2?arch=source&distro=plucky
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected