ALPINE-CVE-2020-27814
Advisory lineage Upstream: 1 Downstream: 0
Upstream
Published: 26 Jan 2021, 18:15
Last modified:03 Dec 2025, 22:47
Vulnerability Summary
Overall Risk (default)
medium
31/100 CVSS Score
7.8 HIGH
3.1 (osv_alpine)
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
26 Jan 2021, 18:15
Published
Vulnerability first disclosed
03 Dec 2025, 22:47
Last Modified
Vulnerability information updated
Description
A heap-buffer overflow was found in the way openjpeg2 handled certain PNG format files. An attacker could use this flaw to cause an application crash or in some cases execute arbitrary code with the permission of the user running such an application.
CVSS Metrics
- v3.1•HIGH•Score: 7.8CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Systems
- alpine•openjpeg
< 2.3.1-r5 | < 2.3.1-r5 | < 2.3.1-r6 | < 2.3.1-r6 | < 2.3.1-r6 | < 2.3.1-r6 | < 2.3.1-r6 | < 2.3.1-r6 | < 2.3.1-r6 | < 2.3.1-r6 | < 2.3.1-r6 | < 2.3.1-r6 | < 2.3.1-r6 | < 2.3.1-r6