Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:conan/openjpeg@2.4.0

Type conan

Namespace

Name openjpeg

Version 2.4.0

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 2.5.0

Latest_non_vulnerable_version 2.5.0

Affected_by_vulnerabilities

url VCID-an46-hxt9-57e1

vulnerability_id VCID-an46-hxt9-57e1

summary

Out-of-bounds Write
A heap-based buffer overflow was found in openjpeg in color.c:379:42 in sycc420_to_rgb when decompressing a crafted .j2k file. An attacker could use this to execute arbitrary code with the permissions of the application compiled against openjpeg.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3575.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3575.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-3575

reference_id

reference_type

scores

value	0.0033
scoring_system	epss
scoring_elements	0.5588
published_at	2026-04-01T12:55:00Z

value	0.0033
scoring_system	epss
scoring_elements	0.5596
published_at	2026-04-21T12:55:00Z

value	0.0033
scoring_system	epss
scoring_elements	0.56054
published_at	2026-04-16T12:55:00Z

value	0.0033
scoring_system	epss
scoring_elements	0.56057
published_at	2026-04-18T12:55:00Z

value	0.0033
scoring_system	epss
scoring_elements	0.55991
published_at	2026-04-07T12:55:00Z

value	0.0033
scoring_system	epss
scoring_elements	0.56013
published_at	2026-04-04T12:55:00Z

value	0.0033
scoring_system	epss
scoring_elements	0.56042
published_at	2026-04-08T12:55:00Z

value	0.0033
scoring_system	epss
scoring_elements	0.56045
published_at	2026-04-09T12:55:00Z

value	0.0033
scoring_system	epss
scoring_elements	0.56056
published_at	2026-04-11T12:55:00Z

value	0.0033
scoring_system	epss
scoring_elements	0.56036
published_at	2026-04-12T12:55:00Z

value	0.0033
scoring_system	epss
scoring_elements	0.56018
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-3575

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1957616
reference_id
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1957616

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3575
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3575

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://github.com/uclouvain/openjpeg/issues/1347
reference_id
reference_type
scores
url	https://github.com/uclouvain/openjpeg/issues/1347

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989775
reference_id	989775
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989775

reference_url

https://security.archlinux.org/AVG-2850

reference_id

AVG-2850

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2850

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2021-3575
reference_id	CVE-2021-3575
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2021-3575

reference_url	https://ubuntu.com/security/CVE-2021-3575
reference_id	CVE-2021-3575
reference_type
scores
url	https://ubuntu.com/security/CVE-2021-3575

reference_url	https://access.redhat.com/errata/RHSA-2021:4251
reference_id	RHSA-2021:4251
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4251

reference_url	https://usn.ubuntu.com/7083-1/
reference_id	USN-7083-1
reference_type
scores
url	https://usn.ubuntu.com/7083-1/

fixed_packages

url	pkg:conan/openjpeg@2.5.0
purl	pkg:conan/openjpeg@2.5.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:conan/openjpeg@2.5.0

aliases CVE-2021-3575

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-an46-hxt9-57e1

url VCID-pzv2-p44c-8qg4

vulnerability_id VCID-pzv2-p44c-8qg4

summary Multiple vulnerabilities have been discovered in OpenJPEG, the worst of which could result in arbitrary code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29338.json

reference_id

reference_type

scores

value	6.2
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29338.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-29338

reference_id

reference_type

scores

value	0.00093
scoring_system	epss
scoring_elements	0.26175
published_at	2026-04-01T12:55:00Z

value	0.00093
scoring_system	epss
scoring_elements	0.26035
published_at	2026-04-21T12:55:00Z

value	0.00093
scoring_system	epss
scoring_elements	0.26092
published_at	2026-04-16T12:55:00Z

value	0.00093
scoring_system	epss
scoring_elements	0.2607
published_at	2026-04-18T12:55:00Z

value	0.00093
scoring_system	epss
scoring_elements	0.26256
published_at	2026-04-02T12:55:00Z

value	0.00093
scoring_system	epss
scoring_elements	0.26297
published_at	2026-04-04T12:55:00Z

value	0.00093
scoring_system	epss
scoring_elements	0.26067
published_at	2026-04-07T12:55:00Z

value	0.00093
scoring_system	epss
scoring_elements	0.26134
published_at	2026-04-08T12:55:00Z

value	0.00093
scoring_system	epss
scoring_elements	0.26182
published_at	2026-04-09T12:55:00Z

value	0.00093
scoring_system	epss
scoring_elements	0.2619
published_at	2026-04-11T12:55:00Z

value	0.00093
scoring_system	epss
scoring_elements	0.26144
published_at	2026-04-12T12:55:00Z

value	0.00093
scoring_system	epss
scoring_elements	0.26086
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-29338

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29338
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29338

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1950101
reference_id	1950101
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1950101

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987276
reference_id	987276
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987276

reference_url

https://security.archlinux.org/AVG-1390

reference_id

AVG-1390

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1390

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2021-29338
reference_id	CVE-2021-29338
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2021-29338

reference_url	https://security.gentoo.org/glsa/202209-04
reference_id	GLSA-202209-04
reference_type
scores
url	https://security.gentoo.org/glsa/202209-04

reference_url	https://access.redhat.com/errata/RHSA-2021:4251
reference_id	RHSA-2021:4251
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4251

reference_url	https://usn.ubuntu.com/7083-1/
reference_id	USN-7083-1
reference_type
scores
url	https://usn.ubuntu.com/7083-1/

fixed_packages

url	pkg:conan/openjpeg@2.5.0
purl	pkg:conan/openjpeg@2.5.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:conan/openjpeg@2.5.0

aliases CVE-2021-29338

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pzv2-p44c-8qg4

url VCID-xh3j-ufru-6fby

vulnerability_id VCID-xh3j-ufru-6fby

summary

Access of Uninitialized Pointer
A flaw was found in the opj2_decompress program in openjpeg2 2.4.0 in the way it handles an input directory with a large number of files. When it fails to allocate a buffer to store the filenames of the input directory, it calls free() on an uninitialized pointer, leading to a segmentation fault and a denial of service.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1122.json

reference_id

reference_type

scores

value	5.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1122.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-1122

reference_id

reference_type

scores

value	0.00052
scoring_system	epss
scoring_elements	0.16373
published_at	2026-04-21T12:55:00Z

value	0.00057
scoring_system	epss
scoring_elements	0.17813
published_at	2026-04-01T12:55:00Z

value	0.00057
scoring_system	epss
scoring_elements	0.17976
published_at	2026-04-02T12:55:00Z

value	0.00057
scoring_system	epss
scoring_elements	0.18031
published_at	2026-04-04T12:55:00Z

value	0.00057
scoring_system	epss
scoring_elements	0.17732
published_at	2026-04-07T12:55:00Z

value	0.00057
scoring_system	epss
scoring_elements	0.17819
published_at	2026-04-08T12:55:00Z

value	0.00057
scoring_system	epss
scoring_elements	0.17881
published_at	2026-04-09T12:55:00Z

value	0.00057
scoring_system	epss
scoring_elements	0.17896
published_at	2026-04-11T12:55:00Z

value	0.00057
scoring_system	epss
scoring_elements	0.17852
published_at	2026-04-12T12:55:00Z

value	0.00057
scoring_system	epss
scoring_elements	0.17804
published_at	2026-04-13T12:55:00Z

value	0.00057
scoring_system	epss
scoring_elements	0.17747
published_at	2026-04-16T12:55:00Z

value	0.00057
scoring_system	epss
scoring_elements	0.17756
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-1122

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1122
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1122

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://github.com/uclouvain/openjpeg/issues/1368
reference_id
reference_type
scores
url	https://github.com/uclouvain/openjpeg/issues/1368

reference_url	https://github.com/uclouvain/openjpeg/pull/1369
reference_id
reference_type
scores
url	https://github.com/uclouvain/openjpeg/pull/1369

reference_url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ROSN5NRUFOH7HGLJ4ZSKPGAKLFXJALW4/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ROSN5NRUFOH7HGLJ4ZSKPGAKLFXJALW4/

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2067052
reference_id	2067052
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2067052

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2022-1122
reference_id	CVE-2022-1122
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2022-1122

reference_url	https://security.gentoo.org/glsa/202209-04
reference_id	GLSA-202209-04
reference_type
scores
url	https://security.gentoo.org/glsa/202209-04

reference_url	https://access.redhat.com/errata/RHSA-2022:7645
reference_id	RHSA-2022:7645
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7645

reference_url	https://access.redhat.com/errata/RHSA-2022:8207
reference_id	RHSA-2022:8207
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:8207

reference_url	https://usn.ubuntu.com/7083-1/
reference_id	USN-7083-1
reference_type
scores
url	https://usn.ubuntu.com/7083-1/

fixed_packages

url	pkg:conan/openjpeg@2.5.0
purl	pkg:conan/openjpeg@2.5.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:conan/openjpeg@2.5.0

aliases CVE-2022-1122

risk_score 2.3

exploitability 0.5

weighted_severity 4.6

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xh3j-ufru-6fby

Fixing_vulnerabilities

url VCID-2ad2-5t5w-d7ew

vulnerability_id VCID-2ad2-5t5w-d7ew

summary openjpeg: global-buffer-overflow read in opj_dwt_calc_explicit_stepsizes()

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27824.json

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27824.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-27824

reference_id

reference_type

scores

value	0.00149
scoring_system	epss
scoring_elements	0.3535
published_at	2026-04-21T12:55:00Z

value	0.00149
scoring_system	epss
scoring_elements	0.35403
published_at	2026-04-18T12:55:00Z

value	0.00274
scoring_system	epss
scoring_elements	0.50798
published_at	2026-04-01T12:55:00Z

value	0.00274
scoring_system	epss
scoring_elements	0.50854
published_at	2026-04-02T12:55:00Z

value	0.00274
scoring_system	epss
scoring_elements	0.5088
published_at	2026-04-04T12:55:00Z

value	0.00274
scoring_system	epss
scoring_elements	0.50837
published_at	2026-04-07T12:55:00Z

value	0.00274
scoring_system	epss
scoring_elements	0.50895
published_at	2026-04-13T12:55:00Z

value	0.00274
scoring_system	epss
scoring_elements	0.50892
published_at	2026-04-09T12:55:00Z

value	0.00274
scoring_system	epss
scoring_elements	0.50934
published_at	2026-04-11T12:55:00Z

value	0.00274
scoring_system	epss
scoring_elements	0.50912
published_at	2026-04-12T12:55:00Z

value	0.00274
scoring_system	epss
scoring_elements	0.50933
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-27824

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15389
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15389

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27814
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27814

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27823
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27823

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27824
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27824

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27841
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27841

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27842
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27842

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27843
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27843

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27845
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27845

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6851
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6851

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8112
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8112

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1905723
reference_id	1905723
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1905723

reference_url	https://security.archlinux.org/ASA-202012-21
reference_id	ASA-202012-21
reference_type
scores
url	https://security.archlinux.org/ASA-202012-21

reference_url

https://security.archlinux.org/AVG-1339

reference_id

AVG-1339

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1339

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2020-27824
reference_id	CVE-2020-27824
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2020-27824

reference_url	https://access.redhat.com/errata/RHSA-2021:4251
reference_id	RHSA-2021:4251
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4251

reference_url	https://usn.ubuntu.com/4685-1/
reference_id	USN-4685-1
reference_type
scores
url	https://usn.ubuntu.com/4685-1/

reference_url	https://usn.ubuntu.com/4686-1/
reference_id	USN-4686-1
reference_type
scores
url	https://usn.ubuntu.com/4686-1/

reference_url	https://usn.ubuntu.com/4880-1/
reference_id	USN-4880-1
reference_type
scores
url	https://usn.ubuntu.com/4880-1/

reference_url	https://usn.ubuntu.com/5952-1/
reference_id	USN-5952-1
reference_type
scores
url	https://usn.ubuntu.com/5952-1/

reference_url	https://usn.ubuntu.com/USN-5664-1/
reference_id	USN-USN-5664-1
reference_type
scores
url	https://usn.ubuntu.com/USN-5664-1/

fixed_packages

url pkg:conan/openjpeg@2.4.0

purl pkg:conan/openjpeg@2.4.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-an46-hxt9-57e1

vulnerability	VCID-pzv2-p44c-8qg4

vulnerability	VCID-xh3j-ufru-6fby

resource_url http://public2.vulnerablecode.io/packages/pkg:conan/openjpeg@2.4.0

aliases CVE-2020-27824

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2ad2-5t5w-d7ew

url VCID-3r1m-53dp-yff2

vulnerability_id VCID-3r1m-53dp-yff2

summary

Multiple vulnerabilities have been found in OpenJPEG, the worst of
    which could result in the arbitrary execution of code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27842.json

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27842.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-27842

reference_id

reference_type

scores

value	0.00113
scoring_system	epss
scoring_elements	0.29845
published_at	2026-04-01T12:55:00Z

value	0.00113
scoring_system	epss
scoring_elements	0.29714
published_at	2026-04-21T12:55:00Z

value	0.00113
scoring_system	epss
scoring_elements	0.29779
published_at	2026-04-16T12:55:00Z

value	0.00113
scoring_system	epss
scoring_elements	0.29758
published_at	2026-04-18T12:55:00Z

value	0.00113
scoring_system	epss
scoring_elements	0.2989
published_at	2026-04-02T12:55:00Z

value	0.00113
scoring_system	epss
scoring_elements	0.29938
published_at	2026-04-04T12:55:00Z

value	0.00113
scoring_system	epss
scoring_elements	0.2975
published_at	2026-04-07T12:55:00Z

value	0.00113
scoring_system	epss
scoring_elements	0.29812
published_at	2026-04-08T12:55:00Z

value	0.00113
scoring_system	epss
scoring_elements	0.29847
published_at	2026-04-09T12:55:00Z

value	0.00113
scoring_system	epss
scoring_elements	0.29856
published_at	2026-04-11T12:55:00Z

value	0.00113
scoring_system	epss
scoring_elements	0.2981
published_at	2026-04-12T12:55:00Z

value	0.00113
scoring_system	epss
scoring_elements	0.2976
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-27842

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15389
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15389

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27814
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27814

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27823
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27823

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27824
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27824

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27841
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27841

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27842
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27842

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27843
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27843

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27845
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27845

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6851
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6851

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8112
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8112

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1907513
reference_id	1907513
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1907513

reference_url	https://security.archlinux.org/ASA-202012-21
reference_id	ASA-202012-21
reference_type
scores
url	https://security.archlinux.org/ASA-202012-21

reference_url

https://security.archlinux.org/AVG-1339

reference_id

AVG-1339

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1339

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2020-27842
reference_id	CVE-2020-27842
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2020-27842

reference_url	https://security.gentoo.org/glsa/202101-29
reference_id	GLSA-202101-29
reference_type
scores
url	https://security.gentoo.org/glsa/202101-29

reference_url	https://access.redhat.com/errata/RHSA-2021:4251
reference_id	RHSA-2021:4251
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4251

reference_url	https://usn.ubuntu.com/4685-1/
reference_id	USN-4685-1
reference_type
scores
url	https://usn.ubuntu.com/4685-1/

reference_url	https://usn.ubuntu.com/4686-1/
reference_id	USN-4686-1
reference_type
scores
url	https://usn.ubuntu.com/4686-1/

reference_url	https://usn.ubuntu.com/5952-1/
reference_id	USN-5952-1
reference_type
scores
url	https://usn.ubuntu.com/5952-1/

fixed_packages

url pkg:conan/openjpeg@2.4.0

purl pkg:conan/openjpeg@2.4.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-an46-hxt9-57e1

vulnerability	VCID-pzv2-p44c-8qg4

vulnerability	VCID-xh3j-ufru-6fby

resource_url http://public2.vulnerablecode.io/packages/pkg:conan/openjpeg@2.4.0

aliases CVE-2020-27842

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3r1m-53dp-yff2

url VCID-4hbk-qsje-63fd

vulnerability_id VCID-4hbk-qsje-63fd

summary

Multiple vulnerabilities have been found in OpenJPEG, the worst of
    which could result in the arbitrary execution of code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27841.json

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27841.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-27841

reference_id

reference_type

scores

value	0.00116
scoring_system	epss
scoring_elements	0.30361
published_at	2026-04-01T12:55:00Z

value	0.00116
scoring_system	epss
scoring_elements	0.30205
published_at	2026-04-21T12:55:00Z

value	0.00116
scoring_system	epss
scoring_elements	0.30268
published_at	2026-04-16T12:55:00Z

value	0.00116
scoring_system	epss
scoring_elements	0.3025
published_at	2026-04-18T12:55:00Z

value	0.00116
scoring_system	epss
scoring_elements	0.3039
published_at	2026-04-02T12:55:00Z

value	0.00116
scoring_system	epss
scoring_elements	0.30436
published_at	2026-04-04T12:55:00Z

value	0.00116
scoring_system	epss
scoring_elements	0.30247
published_at	2026-04-07T12:55:00Z

value	0.00116
scoring_system	epss
scoring_elements	0.30307
published_at	2026-04-08T12:55:00Z

value	0.00116
scoring_system	epss
scoring_elements	0.30341
published_at	2026-04-09T12:55:00Z

value	0.00116
scoring_system	epss
scoring_elements	0.30345
published_at	2026-04-11T12:55:00Z

value	0.00116
scoring_system	epss
scoring_elements	0.30301
published_at	2026-04-12T12:55:00Z

value	0.00116
scoring_system	epss
scoring_elements	0.30253
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-27841

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15389
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15389

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27814
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27814

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27823
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27823

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27824
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27824

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27841
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27841

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27842
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27842

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27843
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27843

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27845
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27845

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6851
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6851

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8112
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8112

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1907510
reference_id	1907510
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1907510

reference_url	https://security.archlinux.org/ASA-202012-21
reference_id	ASA-202012-21
reference_type
scores
url	https://security.archlinux.org/ASA-202012-21

reference_url

https://security.archlinux.org/AVG-1339

reference_id

AVG-1339

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1339

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2020-27841
reference_id	CVE-2020-27841
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2020-27841

reference_url	https://security.gentoo.org/glsa/202101-29
reference_id	GLSA-202101-29
reference_type
scores
url	https://security.gentoo.org/glsa/202101-29

reference_url	https://usn.ubuntu.com/4685-1/
reference_id	USN-4685-1
reference_type
scores
url	https://usn.ubuntu.com/4685-1/

reference_url	https://usn.ubuntu.com/4686-1/
reference_id	USN-4686-1
reference_type
scores
url	https://usn.ubuntu.com/4686-1/

reference_url	https://usn.ubuntu.com/4880-1/
reference_id	USN-4880-1
reference_type
scores
url	https://usn.ubuntu.com/4880-1/

reference_url	https://usn.ubuntu.com/5952-1/
reference_id	USN-5952-1
reference_type
scores
url	https://usn.ubuntu.com/5952-1/

fixed_packages

url pkg:conan/openjpeg@2.4.0

purl pkg:conan/openjpeg@2.4.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-an46-hxt9-57e1

vulnerability	VCID-pzv2-p44c-8qg4

vulnerability	VCID-xh3j-ufru-6fby

resource_url http://public2.vulnerablecode.io/packages/pkg:conan/openjpeg@2.4.0

aliases CVE-2020-27841

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4hbk-qsje-63fd

url VCID-7ath-fa35-5uca

vulnerability_id VCID-7ath-fa35-5uca

summary openjpeg: Heap-based buffer overflow in opj_t1_clbl_decode_processor()

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6851.json

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6851.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-6851

reference_id

reference_type

scores

value	0.01434
scoring_system	epss
scoring_elements	0.80621
published_at	2026-04-01T12:55:00Z

value	0.01434
scoring_system	epss
scoring_elements	0.80716
published_at	2026-04-21T12:55:00Z

value	0.01434
scoring_system	epss
scoring_elements	0.80679
published_at	2026-04-13T12:55:00Z

value	0.01434
scoring_system	epss
scoring_elements	0.80713
published_at	2026-04-18T12:55:00Z

value	0.01434
scoring_system	epss
scoring_elements	0.80629
published_at	2026-04-02T12:55:00Z

value	0.01434
scoring_system	epss
scoring_elements	0.80651
published_at	2026-04-04T12:55:00Z

value	0.01434
scoring_system	epss
scoring_elements	0.80646
published_at	2026-04-07T12:55:00Z

value	0.01434
scoring_system	epss
scoring_elements	0.80674
published_at	2026-04-08T12:55:00Z

value	0.01434
scoring_system	epss
scoring_elements	0.80684
published_at	2026-04-09T12:55:00Z

value	0.01434
scoring_system	epss
scoring_elements	0.807
published_at	2026-04-11T12:55:00Z

value	0.01434
scoring_system	epss
scoring_elements	0.80687
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-6851

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15389
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15389

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27814
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27814

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27823
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27823

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27824
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27824

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27841
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27841

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27842
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27842

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27843
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27843

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27845
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27845

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6851
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6851

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8112
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8112

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1790511
reference_id	1790511
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1790511

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=950000
reference_id	950000
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=950000

reference_url	https://security.archlinux.org/ASA-202012-21
reference_id	ASA-202012-21
reference_type
scores
url	https://security.archlinux.org/ASA-202012-21

reference_url

https://security.archlinux.org/AVG-1339

reference_id

AVG-1339

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1339

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2020-6851
reference_id	CVE-2020-6851
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2020-6851

reference_url	https://access.redhat.com/errata/RHSA-2020:0262
reference_id	RHSA-2020:0262
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0262

reference_url	https://access.redhat.com/errata/RHSA-2020:0274
reference_id	RHSA-2020:0274
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0274

reference_url	https://access.redhat.com/errata/RHSA-2020:0296
reference_id	RHSA-2020:0296
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0296

reference_url	https://usn.ubuntu.com/4497-1/
reference_id	USN-4497-1
reference_type
scores
url	https://usn.ubuntu.com/4497-1/

reference_url	https://usn.ubuntu.com/4686-1/
reference_id	USN-4686-1
reference_type
scores
url	https://usn.ubuntu.com/4686-1/

reference_url	https://usn.ubuntu.com/5952-1/
reference_id	USN-5952-1
reference_type
scores
url	https://usn.ubuntu.com/5952-1/

fixed_packages

url pkg:conan/openjpeg@2.4.0

purl pkg:conan/openjpeg@2.4.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-an46-hxt9-57e1

vulnerability	VCID-pzv2-p44c-8qg4

vulnerability	VCID-xh3j-ufru-6fby

resource_url http://public2.vulnerablecode.io/packages/pkg:conan/openjpeg@2.4.0

aliases CVE-2020-6851

risk_score 3.6

exploitability 0.5

weighted_severity 7.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7ath-fa35-5uca

url VCID-kq91-13ek-rkcu

vulnerability_id VCID-kq91-13ek-rkcu

summary

Multiple vulnerabilities have been found in OpenJPEG, the worst of
    which could result in the arbitrary execution of code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15389.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15389.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-15389

reference_id

reference_type

scores

value	0.00344
scoring_system	epss
scoring_elements	0.56898
published_at	2026-04-01T12:55:00Z

value	0.00344
scoring_system	epss
scoring_elements	0.57016
published_at	2026-04-21T12:55:00Z

value	0.00344
scoring_system	epss
scoring_elements	0.57041
published_at	2026-04-16T12:55:00Z

value	0.00344
scoring_system	epss
scoring_elements	0.57039
published_at	2026-04-18T12:55:00Z

value	0.00344
scoring_system	epss
scoring_elements	0.56995
published_at	2026-04-02T12:55:00Z

value	0.00344
scoring_system	epss
scoring_elements	0.57017
published_at	2026-04-04T12:55:00Z

value	0.00344
scoring_system	epss
scoring_elements	0.56994
published_at	2026-04-07T12:55:00Z

value	0.00344
scoring_system	epss
scoring_elements	0.57045
published_at	2026-04-08T12:55:00Z

value	0.00344
scoring_system	epss
scoring_elements	0.57047
published_at	2026-04-09T12:55:00Z

value	0.00344
scoring_system	epss
scoring_elements	0.57058
published_at	2026-04-11T12:55:00Z

value	0.00344
scoring_system	epss
scoring_elements	0.57037
published_at	2026-04-12T12:55:00Z

value	0.00344
scoring_system	epss
scoring_elements	0.57013
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-15389

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15389
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15389

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27814
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27814

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27823
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27823

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27824
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27824

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27841
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27841

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27842
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27842

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27843
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27843

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27845
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27845

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6851
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6851

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8112
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8112

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1852869
reference_id	1852869
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1852869

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=965220
reference_id	965220
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=965220

reference_url	https://security.archlinux.org/ASA-202012-21
reference_id	ASA-202012-21
reference_type
scores
url	https://security.archlinux.org/ASA-202012-21

reference_url

https://security.archlinux.org/AVG-1339

reference_id

AVG-1339

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1339

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2020-15389
reference_id	CVE-2020-15389
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2020-15389

reference_url	https://security.gentoo.org/glsa/202101-29
reference_id	GLSA-202101-29
reference_type
scores
url	https://security.gentoo.org/glsa/202101-29

reference_url	https://access.redhat.com/errata/RHSA-2021:4251
reference_id	RHSA-2021:4251
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4251

reference_url	https://usn.ubuntu.com/4497-1/
reference_id	USN-4497-1
reference_type
scores
url	https://usn.ubuntu.com/4497-1/

reference_url	https://usn.ubuntu.com/4685-1/
reference_id	USN-4685-1
reference_type
scores
url	https://usn.ubuntu.com/4685-1/

reference_url	https://usn.ubuntu.com/5952-1/
reference_id	USN-5952-1
reference_type
scores
url	https://usn.ubuntu.com/5952-1/

fixed_packages

url pkg:conan/openjpeg@2.4.0

purl pkg:conan/openjpeg@2.4.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-an46-hxt9-57e1

vulnerability	VCID-pzv2-p44c-8qg4

vulnerability	VCID-xh3j-ufru-6fby

resource_url http://public2.vulnerablecode.io/packages/pkg:conan/openjpeg@2.4.0

aliases CVE-2020-15389

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kq91-13ek-rkcu

url VCID-mdhg-k4sr-3bg7

vulnerability_id VCID-mdhg-k4sr-3bg7

summary openjpeg: heap-based buffer overflow in pj_t1_clbl_decode_processor in openjp2/t1.c

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8112.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8112.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-8112

reference_id

reference_type

scores

value	0.01793
scoring_system	epss
scoring_elements	0.82691
published_at	2026-04-01T12:55:00Z

value	0.01793
scoring_system	epss
scoring_elements	0.82797
published_at	2026-04-21T12:55:00Z

value	0.01793
scoring_system	epss
scoring_elements	0.82756
published_at	2026-04-13T12:55:00Z

value	0.01793
scoring_system	epss
scoring_elements	0.82795
published_at	2026-04-18T12:55:00Z

value	0.01793
scoring_system	epss
scoring_elements	0.82708
published_at	2026-04-02T12:55:00Z

value	0.01793
scoring_system	epss
scoring_elements	0.8272
published_at	2026-04-04T12:55:00Z

value	0.01793
scoring_system	epss
scoring_elements	0.82717
published_at	2026-04-07T12:55:00Z

value	0.01793
scoring_system	epss
scoring_elements	0.82743
published_at	2026-04-08T12:55:00Z

value	0.01793
scoring_system	epss
scoring_elements	0.8275
published_at	2026-04-09T12:55:00Z

value	0.01793
scoring_system	epss
scoring_elements	0.82766
published_at	2026-04-11T12:55:00Z

value	0.01793
scoring_system	epss
scoring_elements	0.8276
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-8112

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15389
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15389

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27814
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27814

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27823
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27823

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27824
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27824

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27841
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27841

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27842
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27842

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27843
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27843

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27845
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27845

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6851
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6851

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8112
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8112

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1800535
reference_id	1800535
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1800535

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=950184
reference_id	950184
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=950184

reference_url	https://security.archlinux.org/ASA-202012-21
reference_id	ASA-202012-21
reference_type
scores
url	https://security.archlinux.org/ASA-202012-21

reference_url

https://security.archlinux.org/AVG-1339

reference_id

AVG-1339

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1339

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2020-8112
reference_id	CVE-2020-8112
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2020-8112

reference_url	https://access.redhat.com/errata/RHSA-2020:0550
reference_id	RHSA-2020:0550
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0550

reference_url	https://access.redhat.com/errata/RHSA-2020:0569
reference_id	RHSA-2020:0569
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0569

reference_url	https://access.redhat.com/errata/RHSA-2020:0570
reference_id	RHSA-2020:0570
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0570

reference_url	https://usn.ubuntu.com/4497-1/
reference_id	USN-4497-1
reference_type
scores
url	https://usn.ubuntu.com/4497-1/

reference_url	https://usn.ubuntu.com/4686-1/
reference_id	USN-4686-1
reference_type
scores
url	https://usn.ubuntu.com/4686-1/

reference_url	https://usn.ubuntu.com/5952-1/
reference_id	USN-5952-1
reference_type
scores
url	https://usn.ubuntu.com/5952-1/

fixed_packages

url pkg:conan/openjpeg@2.4.0

purl pkg:conan/openjpeg@2.4.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-an46-hxt9-57e1

vulnerability	VCID-pzv2-p44c-8qg4

vulnerability	VCID-xh3j-ufru-6fby

resource_url http://public2.vulnerablecode.io/packages/pkg:conan/openjpeg@2.4.0

aliases CVE-2020-8112

risk_score 4.0

exploitability 0.5

weighted_severity 7.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mdhg-k4sr-3bg7

url VCID-u497-trj1-rfdj

vulnerability_id VCID-u497-trj1-rfdj

summary

Multiple vulnerabilities have been found in OpenJPEG, the worst of
    which could result in the arbitrary execution of code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27814.json

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27814.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-27814

reference_id

reference_type

scores

value	0.00212
scoring_system	epss
scoring_elements	0.43658
published_at	2026-04-01T12:55:00Z

value	0.00212
scoring_system	epss
scoring_elements	0.43684
published_at	2026-04-21T12:55:00Z

value	0.00212
scoring_system	epss
scoring_elements	0.4376
published_at	2026-04-16T12:55:00Z

value	0.00212
scoring_system	epss
scoring_elements	0.43752
published_at	2026-04-18T12:55:00Z

value	0.00212
scoring_system	epss
scoring_elements	0.43715
published_at	2026-04-02T12:55:00Z

value	0.00212
scoring_system	epss
scoring_elements	0.4374
published_at	2026-04-04T12:55:00Z

value	0.00212
scoring_system	epss
scoring_elements	0.43674
published_at	2026-04-07T12:55:00Z

value	0.00212
scoring_system	epss
scoring_elements	0.43724
published_at	2026-04-08T12:55:00Z

value	0.00212
scoring_system	epss
scoring_elements	0.43727
published_at	2026-04-09T12:55:00Z

value	0.00212
scoring_system	epss
scoring_elements	0.43747
published_at	2026-04-11T12:55:00Z

value	0.00212
scoring_system	epss
scoring_elements	0.43716
published_at	2026-04-12T12:55:00Z

value	0.00212
scoring_system	epss
scoring_elements	0.43699
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-27814

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15389
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15389

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27814
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27814

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27823
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27823

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27824
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27824

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27841
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27841

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27842
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27842

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27843
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27843

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27845
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27845

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6851
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6851

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8112
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8112

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://github.com/uclouvain/openjpeg/issues/1283
reference_id
reference_type
scores
url	https://github.com/uclouvain/openjpeg/issues/1283

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1901998
reference_id	1901998
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1901998

reference_url	https://security.archlinux.org/ASA-202012-21
reference_id	ASA-202012-21
reference_type
scores
url	https://security.archlinux.org/ASA-202012-21

reference_url

https://security.archlinux.org/AVG-1339

reference_id

AVG-1339

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1339

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2020-27814
reference_id	CVE-2020-27814
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2020-27814

reference_url	https://security.gentoo.org/glsa/202101-29
reference_id	GLSA-202101-29
reference_type
scores
url	https://security.gentoo.org/glsa/202101-29

reference_url	https://access.redhat.com/errata/RHSA-2021:4251
reference_id	RHSA-2021:4251
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4251

reference_url	https://usn.ubuntu.com/4685-1/
reference_id	USN-4685-1
reference_type
scores
url	https://usn.ubuntu.com/4685-1/

reference_url	https://usn.ubuntu.com/4686-1/
reference_id	USN-4686-1
reference_type
scores
url	https://usn.ubuntu.com/4686-1/

reference_url	https://usn.ubuntu.com/4880-1/
reference_id	USN-4880-1
reference_type
scores
url	https://usn.ubuntu.com/4880-1/

reference_url	https://usn.ubuntu.com/5952-1/
reference_id	USN-5952-1
reference_type
scores
url	https://usn.ubuntu.com/5952-1/

fixed_packages

url pkg:conan/openjpeg@2.4.0

purl pkg:conan/openjpeg@2.4.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-an46-hxt9-57e1

vulnerability	VCID-pzv2-p44c-8qg4

vulnerability	VCID-xh3j-ufru-6fby

resource_url http://public2.vulnerablecode.io/packages/pkg:conan/openjpeg@2.4.0

aliases CVE-2020-27814

risk_score 3.5

exploitability 0.5

weighted_severity 7.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u497-trj1-rfdj

url VCID-whsh-5urk-b3ap

vulnerability_id VCID-whsh-5urk-b3ap

summary openjpeg: heap-buffer-overflow write in opj_tcd_dc_level_shift_encode()

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27823.json

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27823.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-27823

reference_id

reference_type

scores

value	0.00046
scoring_system	epss
scoring_elements	0.14051
published_at	2026-04-01T12:55:00Z

value	0.00046
scoring_system	epss
scoring_elements	0.13953
published_at	2026-04-21T12:55:00Z

value	0.00046
scoring_system	epss
scoring_elements	0.13882
published_at	2026-04-16T12:55:00Z

value	0.00046
scoring_system	epss
scoring_elements	0.13874
published_at	2026-04-18T12:55:00Z

value	0.00046
scoring_system	epss
scoring_elements	0.14132
published_at	2026-04-02T12:55:00Z

value	0.00046
scoring_system	epss
scoring_elements	0.14188
published_at	2026-04-04T12:55:00Z

value	0.00046
scoring_system	epss
scoring_elements	0.14004
published_at	2026-04-07T12:55:00Z

value	0.00046
scoring_system	epss
scoring_elements	0.14086
published_at	2026-04-08T12:55:00Z

value	0.00046
scoring_system	epss
scoring_elements	0.14139
published_at	2026-04-09T12:55:00Z

value	0.00046
scoring_system	epss
scoring_elements	0.14082
published_at	2026-04-11T12:55:00Z

value	0.00046
scoring_system	epss
scoring_elements	0.1404
published_at	2026-04-12T12:55:00Z

value	0.00046
scoring_system	epss
scoring_elements	0.13988
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-27823

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15389
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15389

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27814
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27814

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27823
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27823

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27824
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27824

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27841
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27841

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27842
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27842

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27843
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27843

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27845
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27845

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6851
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6851

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8112
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8112

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1905762
reference_id	1905762
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1905762

reference_url

https://security.archlinux.org/AVG-1980

reference_id

AVG-1980

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1980

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2020-27823
reference_id	CVE-2020-27823
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2020-27823

reference_url	https://access.redhat.com/errata/RHSA-2021:4251
reference_id	RHSA-2021:4251
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4251

reference_url	https://usn.ubuntu.com/4685-1/
reference_id	USN-4685-1
reference_type
scores
url	https://usn.ubuntu.com/4685-1/

reference_url	https://usn.ubuntu.com/4880-1/
reference_id	USN-4880-1
reference_type
scores
url	https://usn.ubuntu.com/4880-1/

reference_url	https://usn.ubuntu.com/5952-1/
reference_id	USN-5952-1
reference_type
scores
url	https://usn.ubuntu.com/5952-1/

fixed_packages

url pkg:conan/openjpeg@2.4.0

purl pkg:conan/openjpeg@2.4.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-an46-hxt9-57e1

vulnerability	VCID-pzv2-p44c-8qg4

vulnerability	VCID-xh3j-ufru-6fby

resource_url http://public2.vulnerablecode.io/packages/pkg:conan/openjpeg@2.4.0

aliases CVE-2020-27823

risk_score 3.5

exploitability 0.5

weighted_severity 7.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-whsh-5urk-b3ap

url VCID-xc4v-2aa6-yfd6

vulnerability_id VCID-xc4v-2aa6-yfd6

summary

Multiple vulnerabilities have been found in OpenJPEG, the worst of
    which could result in the arbitrary execution of code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27843.json

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27843.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-27843

reference_id

reference_type

scores

value	0.00134
scoring_system	epss
scoring_elements	0.32926
published_at	2026-04-01T12:55:00Z

value	0.00134
scoring_system	epss
scoring_elements	0.32917
published_at	2026-04-21T12:55:00Z

value	0.00134
scoring_system	epss
scoring_elements	0.32976
published_at	2026-04-16T12:55:00Z

value	0.00134
scoring_system	epss
scoring_elements	0.32954
published_at	2026-04-18T12:55:00Z

value	0.00134
scoring_system	epss
scoring_elements	0.33055
published_at	2026-04-02T12:55:00Z

value	0.00134
scoring_system	epss
scoring_elements	0.33088
published_at	2026-04-04T12:55:00Z

value	0.00134
scoring_system	epss
scoring_elements	0.32918
published_at	2026-04-07T12:55:00Z

value	0.00134
scoring_system	epss
scoring_elements	0.32964
published_at	2026-04-08T12:55:00Z

value	0.00134
scoring_system	epss
scoring_elements	0.32994
published_at	2026-04-09T12:55:00Z

value	0.00134
scoring_system	epss
scoring_elements	0.32997
published_at	2026-04-11T12:55:00Z

value	0.00134
scoring_system	epss
scoring_elements	0.32959
published_at	2026-04-12T12:55:00Z

value	0.00134
scoring_system	epss
scoring_elements	0.32934
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-27843

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15389
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15389

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27814
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27814

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27823
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27823

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27824
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27824

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27841
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27841

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27842
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27842

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27843
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27843

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27845
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27845

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6851
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6851

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8112
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8112

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1907516
reference_id	1907516
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1907516

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=983663
reference_id	983663
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=983663

reference_url	https://security.archlinux.org/ASA-202012-21
reference_id	ASA-202012-21
reference_type
scores
url	https://security.archlinux.org/ASA-202012-21

reference_url

https://security.archlinux.org/AVG-1339

reference_id

AVG-1339

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1339

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2020-27843
reference_id	CVE-2020-27843
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2020-27843

reference_url	https://security.gentoo.org/glsa/202101-29
reference_id	GLSA-202101-29
reference_type
scores
url	https://security.gentoo.org/glsa/202101-29

reference_url	https://access.redhat.com/errata/RHSA-2021:4251
reference_id	RHSA-2021:4251
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4251

reference_url	https://usn.ubuntu.com/4685-1/
reference_id	USN-4685-1
reference_type
scores
url	https://usn.ubuntu.com/4685-1/

reference_url	https://usn.ubuntu.com/4686-1/
reference_id	USN-4686-1
reference_type
scores
url	https://usn.ubuntu.com/4686-1/

reference_url	https://usn.ubuntu.com/5952-1/
reference_id	USN-5952-1
reference_type
scores
url	https://usn.ubuntu.com/5952-1/

fixed_packages

url pkg:conan/openjpeg@2.4.0

purl pkg:conan/openjpeg@2.4.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-an46-hxt9-57e1

vulnerability	VCID-pzv2-p44c-8qg4

vulnerability	VCID-xh3j-ufru-6fby

resource_url http://public2.vulnerablecode.io/packages/pkg:conan/openjpeg@2.4.0

aliases CVE-2020-27843

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xc4v-2aa6-yfd6

url VCID-xd8s-688v-tbd7

vulnerability_id VCID-xd8s-688v-tbd7

summary

Multiple vulnerabilities have been found in OpenJPEG, the worst of
    which could result in the arbitrary execution of code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27844.json

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27844.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-27844

reference_id

reference_type

scores

value	0.00778
scoring_system	epss
scoring_elements	0.73599
published_at	2026-04-01T12:55:00Z

value	0.00778
scoring_system	epss
scoring_elements	0.73604
published_at	2026-04-07T12:55:00Z

value	0.00778
scoring_system	epss
scoring_elements	0.73676
published_at	2026-04-11T12:55:00Z

value	0.00778
scoring_system	epss
scoring_elements	0.73658
published_at	2026-04-12T12:55:00Z

value	0.00778
scoring_system	epss
scoring_elements	0.7365
published_at	2026-04-13T12:55:00Z

value	0.00778
scoring_system	epss
scoring_elements	0.73694
published_at	2026-04-16T12:55:00Z

value	0.00778
scoring_system	epss
scoring_elements	0.73703
published_at	2026-04-18T12:55:00Z

value	0.00778
scoring_system	epss
scoring_elements	0.73608
published_at	2026-04-02T12:55:00Z

value	0.00778
scoring_system	epss
scoring_elements	0.73632
published_at	2026-04-04T12:55:00Z

value	0.00778
scoring_system	epss
scoring_elements	0.7364
published_at	2026-04-08T12:55:00Z

value	0.00778
scoring_system	epss
scoring_elements	0.73653
published_at	2026-04-09T12:55:00Z

value	0.01994
scoring_system	epss
scoring_elements	0.83663
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-27844

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1907521
reference_id	1907521
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1907521

reference_url	https://security.archlinux.org/ASA-202103-19
reference_id	ASA-202103-19
reference_type
scores
url	https://security.archlinux.org/ASA-202103-19

reference_url

https://security.archlinux.org/AVG-1361

reference_id

AVG-1361

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1361

reference_url

https://security.archlinux.org/AVG-1631

reference_id

AVG-1631

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1631

reference_url

https://security.archlinux.org/AVG-1633

reference_id

AVG-1633

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1633

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2020-27844
reference_id	CVE-2020-27844
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2020-27844

reference_url	https://security.gentoo.org/glsa/202101-29
reference_id	GLSA-202101-29
reference_type
scores
url	https://security.gentoo.org/glsa/202101-29

fixed_packages

url pkg:conan/openjpeg@2.4.0

purl pkg:conan/openjpeg@2.4.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-an46-hxt9-57e1

vulnerability	VCID-pzv2-p44c-8qg4

vulnerability	VCID-xh3j-ufru-6fby

resource_url http://public2.vulnerablecode.io/packages/pkg:conan/openjpeg@2.4.0

aliases CVE-2020-27844

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xd8s-688v-tbd7

url VCID-zgaa-57ak-jbex

vulnerability_id VCID-zgaa-57ak-jbex

summary

Multiple vulnerabilities have been found in OpenJPEG, the worst of
    which could result in the arbitrary execution of code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27845.json

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27845.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-27845

reference_id

reference_type

scores

value	0.00113
scoring_system	epss
scoring_elements	0.29845
published_at	2026-04-01T12:55:00Z

value	0.00113
scoring_system	epss
scoring_elements	0.29714
published_at	2026-04-21T12:55:00Z

value	0.00113
scoring_system	epss
scoring_elements	0.29779
published_at	2026-04-16T12:55:00Z

value	0.00113
scoring_system	epss
scoring_elements	0.29758
published_at	2026-04-18T12:55:00Z

value	0.00113
scoring_system	epss
scoring_elements	0.2989
published_at	2026-04-02T12:55:00Z

value	0.00113
scoring_system	epss
scoring_elements	0.29938
published_at	2026-04-04T12:55:00Z

value	0.00113
scoring_system	epss
scoring_elements	0.2975
published_at	2026-04-07T12:55:00Z

value	0.00113
scoring_system	epss
scoring_elements	0.29812
published_at	2026-04-08T12:55:00Z

value	0.00113
scoring_system	epss
scoring_elements	0.29847
published_at	2026-04-09T12:55:00Z

value	0.00113
scoring_system	epss
scoring_elements	0.29856
published_at	2026-04-11T12:55:00Z

value	0.00113
scoring_system	epss
scoring_elements	0.2981
published_at	2026-04-12T12:55:00Z

value	0.00113
scoring_system	epss
scoring_elements	0.2976
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-27845

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15389
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15389

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27814
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27814

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27823
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27823

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27824
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27824

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27841
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27841

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27842
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27842

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27843
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27843

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27845
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27845

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6851
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6851

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8112
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8112

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1907523
reference_id	1907523
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1907523

reference_url	https://security.archlinux.org/ASA-202012-21
reference_id	ASA-202012-21
reference_type
scores
url	https://security.archlinux.org/ASA-202012-21

reference_url

https://security.archlinux.org/AVG-1339

reference_id

AVG-1339

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1339

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2020-27845
reference_id	CVE-2020-27845
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2020-27845

reference_url	https://security.gentoo.org/glsa/202101-29
reference_id	GLSA-202101-29
reference_type
scores
url	https://security.gentoo.org/glsa/202101-29

reference_url	https://access.redhat.com/errata/RHSA-2021:4251
reference_id	RHSA-2021:4251
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4251

reference_url	https://usn.ubuntu.com/4685-1/
reference_id	USN-4685-1
reference_type
scores
url	https://usn.ubuntu.com/4685-1/

reference_url	https://usn.ubuntu.com/4686-1/
reference_id	USN-4686-1
reference_type
scores
url	https://usn.ubuntu.com/4686-1/

reference_url	https://usn.ubuntu.com/4880-1/
reference_id	USN-4880-1
reference_type
scores
url	https://usn.ubuntu.com/4880-1/

reference_url	https://usn.ubuntu.com/5952-1/
reference_id	USN-5952-1
reference_type
scores
url	https://usn.ubuntu.com/5952-1/

fixed_packages

url pkg:conan/openjpeg@2.4.0

purl pkg:conan/openjpeg@2.4.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-an46-hxt9-57e1

vulnerability	VCID-pzv2-p44c-8qg4

vulnerability	VCID-xh3j-ufru-6fby

resource_url http://public2.vulnerablecode.io/packages/pkg:conan/openjpeg@2.4.0

aliases CVE-2020-27845

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zgaa-57ak-jbex

Risk_score 3.4

Resource_url http://public2.vulnerablecode.io/packages/pkg:conan/openjpeg@2.4.0

Package Instance