{"url":"http://public2.vulnerablecode.io/api/packages/47100?format=json","purl":"pkg:conan/openjpeg@2.4.0","type":"conan","namespace":"","name":"openjpeg","version":"2.4.0","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"2.5.0","latest_non_vulnerable_version":"2.5.0","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/13138?format=json","vulnerability_id":"VCID-an46-hxt9-57e1","summary":"Out-of-bounds Write\nA heap-based buffer overflow was found in openjpeg in color.c:379:42 in sycc420_to_rgb when decompressing a crafted .j2k file. An attacker could use this to execute arbitrary code with the permissions of the application compiled against openjpeg.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3575.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3575.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3575","reference_id":"","reference_type":"","scores":[{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.5588","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.55936","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.5583","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.55878","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.55991","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.56013","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.56042","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.56045","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.56056","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.56036","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.56018","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.56054","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.56057","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.5596","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.55887","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.55907","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.55884","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3575"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1957616","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1957616"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3575","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3575"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/uclouvain/openjpeg/issues/1347","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/uclouvain/openjpeg/issues/1347"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989775","reference_id":"989775","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989775"},{"reference_url":"https://security.archlinux.org/AVG-2850","reference_id":"AVG-2850","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2850"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-3575","reference_id":"CVE-2021-3575","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-3575"},{"reference_url":"https://ubuntu.com/security/CVE-2021-3575","reference_id":"CVE-2021-3575","reference_type":"","scores":[],"url":"https://ubuntu.com/security/CVE-2021-3575"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4251","reference_id":"RHSA-2021:4251","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4251"},{"reference_url":"https://usn.ubuntu.com/7083-1/","reference_id":"USN-7083-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7083-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/47101?format=json","purl":"pkg:conan/openjpeg@2.5.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:conan/openjpeg@2.5.0"}],"aliases":["CVE-2021-3575"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-an46-hxt9-57e1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34492?format=json","vulnerability_id":"VCID-pzv2-p44c-8qg4","summary":"Multiple vulnerabilities have been discovered in OpenJPEG, the worst of which could result in arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29338.json","reference_id":"","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29338.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-29338","reference_id":"","reference_type":"","scores":[{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.26175","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.25927","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.25813","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.25871","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.26256","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.26297","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.26067","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.26134","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.26182","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.2619","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.26144","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.26086","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.26092","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.2607","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.26035","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.25974","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.2597","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.25921","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-29338"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29338","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29338"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1950101","reference_id":"1950101","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1950101"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987276","reference_id":"987276","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987276"},{"reference_url":"https://security.archlinux.org/AVG-1390","reference_id":"AVG-1390","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1390"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-29338","reference_id":"CVE-2021-29338","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-29338"},{"reference_url":"https://security.gentoo.org/glsa/202209-04","reference_id":"GLSA-202209-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202209-04"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4251","reference_id":"RHSA-2021:4251","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4251"},{"reference_url":"https://usn.ubuntu.com/7083-1/","reference_id":"USN-7083-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7083-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/47101?format=json","purl":"pkg:conan/openjpeg@2.5.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:conan/openjpeg@2.5.0"}],"aliases":["CVE-2021-29338"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pzv2-p44c-8qg4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/13537?format=json","vulnerability_id":"VCID-xh3j-ufru-6fby","summary":"Access of Uninitialized Pointer\nA flaw was found in the opj2_decompress program in openjpeg2 2.4.0 in the way it handles an input directory with a large number of files. When it fails to allocate a buffer to store the filenames of the input directory, it calls free() on an uninitialized pointer, leading to a segmentation fault and a denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1122.json","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1122.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-1122","reference_id":"","reference_type":"","scores":[{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16315","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16373","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16267","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16263","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16222","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16093","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16208","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17896","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17852","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17804","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17747","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17756","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17813","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17881","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17976","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.18031","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17732","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17819","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-1122"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1122","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1122"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/uclouvain/openjpeg/issues/1368","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/uclouvain/openjpeg/issues/1368"},{"reference_url":"https://github.com/uclouvain/openjpeg/pull/1369","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/uclouvain/openjpeg/pull/1369"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ROSN5NRUFOH7HGLJ4ZSKPGAKLFXJALW4/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ROSN5NRUFOH7HGLJ4ZSKPGAKLFXJALW4/"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2067052","reference_id":"2067052","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2067052"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-1122","reference_id":"CVE-2022-1122","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-1122"},{"reference_url":"https://security.gentoo.org/glsa/202209-04","reference_id":"GLSA-202209-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202209-04"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7645","reference_id":"RHSA-2022:7645","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7645"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8207","reference_id":"RHSA-2022:8207","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8207"},{"reference_url":"https://usn.ubuntu.com/7083-1/","reference_id":"USN-7083-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7083-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/47101?format=json","purl":"pkg:conan/openjpeg@2.5.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:conan/openjpeg@2.5.0"}],"aliases":["CVE-2022-1122"],"risk_score":2.3,"exploitability":"0.5","weighted_severity":"4.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xh3j-ufru-6fby"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80758?format=json","vulnerability_id":"VCID-2ad2-5t5w-d7ew","summary":"openjpeg: global-buffer-overflow read in opj_dwt_calc_explicit_stepsizes()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27824.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27824.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-27824","reference_id":"","reference_type":"","scores":[{"value":"0.00149","scoring_system":"epss","scoring_elements":"0.34991","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00149","scoring_system":"epss","scoring_elements":"0.35403","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00149","scoring_system":"epss","scoring_elements":"0.3535","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00149","scoring_system":"epss","scoring_elements":"0.35114","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00149","scoring_system":"epss","scoring_elements":"0.35092","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00149","scoring_system":"epss","scoring_elements":"0.35003","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00149","scoring_system":"epss","scoring_elements":"0.34882","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00149","scoring_system":"epss","scoring_elements":"0.34954","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50934","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50912","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50933","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50798","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50895","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50892","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50854","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.5088","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50837","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-27824"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15389","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15389"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27814","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27814"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27823","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27823"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27824","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27824"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27841","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27841"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27842","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27842"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27843","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27843"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27845","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27845"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6851","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6851"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8112","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8112"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1905723","reference_id":"1905723","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1905723"},{"reference_url":"https://security.archlinux.org/ASA-202012-21","reference_id":"ASA-202012-21","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202012-21"},{"reference_url":"https://security.archlinux.org/AVG-1339","reference_id":"AVG-1339","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1339"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-27824","reference_id":"CVE-2020-27824","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-27824"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4251","reference_id":"RHSA-2021:4251","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4251"},{"reference_url":"https://usn.ubuntu.com/4685-1/","reference_id":"USN-4685-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4685-1/"},{"reference_url":"https://usn.ubuntu.com/4686-1/","reference_id":"USN-4686-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4686-1/"},{"reference_url":"https://usn.ubuntu.com/4880-1/","reference_id":"USN-4880-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4880-1/"},{"reference_url":"https://usn.ubuntu.com/5952-1/","reference_id":"USN-5952-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5952-1/"},{"reference_url":"https://usn.ubuntu.com/USN-5664-1/","reference_id":"USN-USN-5664-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-5664-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/47100?format=json","purl":"pkg:conan/openjpeg@2.4.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-an46-hxt9-57e1"},{"vulnerability":"VCID-pzv2-p44c-8qg4"},{"vulnerability":"VCID-xh3j-ufru-6fby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:conan/openjpeg@2.4.0"}],"aliases":["CVE-2020-27824"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2ad2-5t5w-d7ew"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40238?format=json","vulnerability_id":"VCID-3r1m-53dp-yff2","summary":"Multiple vulnerabilities have been found in OpenJPEG, the worst of\n    which could result in the arbitrary execution of code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27842.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27842.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-27842","reference_id":"","reference_type":"","scores":[{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.29845","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.29387","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.2931","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.29373","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.2989","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.29938","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.2975","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.29812","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.29847","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.29856","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.2981","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.2976","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.29779","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.29758","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.29714","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.29634","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.2952","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.29457","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-27842"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15389","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15389"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27814","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27814"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27823","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27823"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27824","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27824"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27841","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27841"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27842","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27842"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27843","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27843"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27845","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27845"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6851","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6851"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8112","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8112"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1907513","reference_id":"1907513","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1907513"},{"reference_url":"https://security.archlinux.org/ASA-202012-21","reference_id":"ASA-202012-21","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202012-21"},{"reference_url":"https://security.archlinux.org/AVG-1339","reference_id":"AVG-1339","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1339"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-27842","reference_id":"CVE-2020-27842","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-27842"},{"reference_url":"https://security.gentoo.org/glsa/202101-29","reference_id":"GLSA-202101-29","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202101-29"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4251","reference_id":"RHSA-2021:4251","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4251"},{"reference_url":"https://usn.ubuntu.com/4685-1/","reference_id":"USN-4685-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4685-1/"},{"reference_url":"https://usn.ubuntu.com/4686-1/","reference_id":"USN-4686-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4686-1/"},{"reference_url":"https://usn.ubuntu.com/5952-1/","reference_id":"USN-5952-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5952-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/47100?format=json","purl":"pkg:conan/openjpeg@2.4.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-an46-hxt9-57e1"},{"vulnerability":"VCID-pzv2-p44c-8qg4"},{"vulnerability":"VCID-xh3j-ufru-6fby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:conan/openjpeg@2.4.0"}],"aliases":["CVE-2020-27842"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3r1m-53dp-yff2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40236?format=json","vulnerability_id":"VCID-4hbk-qsje-63fd","summary":"Multiple vulnerabilities have been found in OpenJPEG, the worst of\n    which could result in the arbitrary execution of code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27841.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27841.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-27841","reference_id":"","reference_type":"","scores":[{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30361","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30301","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.3025","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30205","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30141","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30025","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.2995","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.3039","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30436","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30247","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30307","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30341","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30345","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30253","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30268","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00309","scoring_system":"epss","scoring_elements":"0.53991","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00309","scoring_system":"epss","scoring_elements":"0.54033","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00309","scoring_system":"epss","scoring_elements":"0.54089","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-27841"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15389","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15389"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27814","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27814"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27823","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27823"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27824","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27824"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27841","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27841"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27842","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27842"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27843","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27843"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27845","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27845"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6851","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6851"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8112","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8112"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1907510","reference_id":"1907510","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1907510"},{"reference_url":"https://security.archlinux.org/ASA-202012-21","reference_id":"ASA-202012-21","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202012-21"},{"reference_url":"https://security.archlinux.org/AVG-1339","reference_id":"AVG-1339","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1339"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-27841","reference_id":"CVE-2020-27841","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-27841"},{"reference_url":"https://security.gentoo.org/glsa/202101-29","reference_id":"GLSA-202101-29","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202101-29"},{"reference_url":"https://usn.ubuntu.com/4685-1/","reference_id":"USN-4685-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4685-1/"},{"reference_url":"https://usn.ubuntu.com/4686-1/","reference_id":"USN-4686-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4686-1/"},{"reference_url":"https://usn.ubuntu.com/4880-1/","reference_id":"USN-4880-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4880-1/"},{"reference_url":"https://usn.ubuntu.com/5952-1/","reference_id":"USN-5952-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5952-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/47100?format=json","purl":"pkg:conan/openjpeg@2.4.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-an46-hxt9-57e1"},{"vulnerability":"VCID-pzv2-p44c-8qg4"},{"vulnerability":"VCID-xh3j-ufru-6fby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:conan/openjpeg@2.4.0"}],"aliases":["CVE-2020-27841"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4hbk-qsje-63fd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81676?format=json","vulnerability_id":"VCID-7ath-fa35-5uca","summary":"openjpeg: Heap-based buffer overflow in opj_t1_clbl_decode_processor()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6851.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6851.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-6851","reference_id":"","reference_type":"","scores":[{"value":"0.01434","scoring_system":"epss","scoring_elements":"0.80621","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01434","scoring_system":"epss","scoring_elements":"0.80816","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01434","scoring_system":"epss","scoring_elements":"0.80774","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01434","scoring_system":"epss","scoring_elements":"0.80796","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01434","scoring_system":"epss","scoring_elements":"0.80629","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01434","scoring_system":"epss","scoring_elements":"0.80651","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01434","scoring_system":"epss","scoring_elements":"0.80646","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01434","scoring_system":"epss","scoring_elements":"0.80674","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01434","scoring_system":"epss","scoring_elements":"0.80684","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01434","scoring_system":"epss","scoring_elements":"0.807","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01434","scoring_system":"epss","scoring_elements":"0.80687","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01434","scoring_system":"epss","scoring_elements":"0.80679","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01434","scoring_system":"epss","scoring_elements":"0.80713","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01434","scoring_system":"epss","scoring_elements":"0.80716","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01434","scoring_system":"epss","scoring_elements":"0.80739","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01434","scoring_system":"epss","scoring_elements":"0.80743","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01434","scoring_system":"epss","scoring_elements":"0.80757","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-6851"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15389","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15389"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27814","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27814"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27823","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27823"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27824","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27824"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27841","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27841"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27842","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27842"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27843","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27843"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27845","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27845"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6851","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6851"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8112","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8112"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1790511","reference_id":"1790511","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1790511"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=950000","reference_id":"950000","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=950000"},{"reference_url":"https://security.archlinux.org/ASA-202012-21","reference_id":"ASA-202012-21","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202012-21"},{"reference_url":"https://security.archlinux.org/AVG-1339","reference_id":"AVG-1339","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1339"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-6851","reference_id":"CVE-2020-6851","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-6851"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0262","reference_id":"RHSA-2020:0262","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:0262"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0274","reference_id":"RHSA-2020:0274","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:0274"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0296","reference_id":"RHSA-2020:0296","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:0296"},{"reference_url":"https://usn.ubuntu.com/4497-1/","reference_id":"USN-4497-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4497-1/"},{"reference_url":"https://usn.ubuntu.com/4686-1/","reference_id":"USN-4686-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4686-1/"},{"reference_url":"https://usn.ubuntu.com/5952-1/","reference_id":"USN-5952-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5952-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/47100?format=json","purl":"pkg:conan/openjpeg@2.4.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-an46-hxt9-57e1"},{"vulnerability":"VCID-pzv2-p44c-8qg4"},{"vulnerability":"VCID-xh3j-ufru-6fby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:conan/openjpeg@2.4.0"}],"aliases":["CVE-2020-6851"],"risk_score":3.6,"exploitability":"0.5","weighted_severity":"7.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7ath-fa35-5uca"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40229?format=json","vulnerability_id":"VCID-kq91-13ek-rkcu","summary":"Multiple vulnerabilities have been found in OpenJPEG, the worst of\n    which could result in the arbitrary execution of code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15389.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15389.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-15389","reference_id":"","reference_type":"","scores":[{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.56898","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.57009","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.56902","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.56948","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.56995","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.57017","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.56994","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.57045","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.57047","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.57058","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.57037","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.57013","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.57041","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.57039","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.57016","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.5695","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.56968","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.56951","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-15389"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15389","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15389"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27814","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27814"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27823","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27823"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27824","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27824"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27841","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27841"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27842","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27842"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27843","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27843"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27845","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27845"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6851","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6851"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8112","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8112"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1852869","reference_id":"1852869","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1852869"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=965220","reference_id":"965220","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=965220"},{"reference_url":"https://security.archlinux.org/ASA-202012-21","reference_id":"ASA-202012-21","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202012-21"},{"reference_url":"https://security.archlinux.org/AVG-1339","reference_id":"AVG-1339","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1339"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-15389","reference_id":"CVE-2020-15389","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-15389"},{"reference_url":"https://security.gentoo.org/glsa/202101-29","reference_id":"GLSA-202101-29","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202101-29"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4251","reference_id":"RHSA-2021:4251","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4251"},{"reference_url":"https://usn.ubuntu.com/4497-1/","reference_id":"USN-4497-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4497-1/"},{"reference_url":"https://usn.ubuntu.com/4685-1/","reference_id":"USN-4685-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4685-1/"},{"reference_url":"https://usn.ubuntu.com/5952-1/","reference_id":"USN-5952-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5952-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/47100?format=json","purl":"pkg:conan/openjpeg@2.4.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-an46-hxt9-57e1"},{"vulnerability":"VCID-pzv2-p44c-8qg4"},{"vulnerability":"VCID-xh3j-ufru-6fby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:conan/openjpeg@2.4.0"}],"aliases":["CVE-2020-15389"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kq91-13ek-rkcu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81602?format=json","vulnerability_id":"VCID-mdhg-k4sr-3bg7","summary":"openjpeg: heap-based buffer overflow in pj_t1_clbl_decode_processor in openjp2/t1.c","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8112.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8112.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-8112","reference_id":"","reference_type":"","scores":[{"value":"0.01793","scoring_system":"epss","scoring_elements":"0.82691","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01793","scoring_system":"epss","scoring_elements":"0.82895","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01793","scoring_system":"epss","scoring_elements":"0.82854","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01793","scoring_system":"epss","scoring_elements":"0.82874","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01793","scoring_system":"epss","scoring_elements":"0.82708","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01793","scoring_system":"epss","scoring_elements":"0.8272","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01793","scoring_system":"epss","scoring_elements":"0.82717","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01793","scoring_system":"epss","scoring_elements":"0.82743","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01793","scoring_system":"epss","scoring_elements":"0.8275","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01793","scoring_system":"epss","scoring_elements":"0.82766","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01793","scoring_system":"epss","scoring_elements":"0.8276","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01793","scoring_system":"epss","scoring_elements":"0.82756","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01793","scoring_system":"epss","scoring_elements":"0.82795","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01793","scoring_system":"epss","scoring_elements":"0.82797","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01793","scoring_system":"epss","scoring_elements":"0.8282","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01793","scoring_system":"epss","scoring_elements":"0.82828","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01793","scoring_system":"epss","scoring_elements":"0.82834","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-8112"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15389","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15389"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27814","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27814"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27823","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27823"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27824","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27824"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27841","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27841"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27842","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27842"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27843","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27843"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27845","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27845"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6851","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6851"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8112","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8112"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1800535","reference_id":"1800535","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1800535"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=950184","reference_id":"950184","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=950184"},{"reference_url":"https://security.archlinux.org/ASA-202012-21","reference_id":"ASA-202012-21","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202012-21"},{"reference_url":"https://security.archlinux.org/AVG-1339","reference_id":"AVG-1339","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1339"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-8112","reference_id":"CVE-2020-8112","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-8112"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0550","reference_id":"RHSA-2020:0550","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:0550"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0569","reference_id":"RHSA-2020:0569","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:0569"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0570","reference_id":"RHSA-2020:0570","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:0570"},{"reference_url":"https://usn.ubuntu.com/4497-1/","reference_id":"USN-4497-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4497-1/"},{"reference_url":"https://usn.ubuntu.com/4686-1/","reference_id":"USN-4686-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4686-1/"},{"reference_url":"https://usn.ubuntu.com/5952-1/","reference_id":"USN-5952-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5952-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/47100?format=json","purl":"pkg:conan/openjpeg@2.4.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-an46-hxt9-57e1"},{"vulnerability":"VCID-pzv2-p44c-8qg4"},{"vulnerability":"VCID-xh3j-ufru-6fby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:conan/openjpeg@2.4.0"}],"aliases":["CVE-2020-8112"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"7.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mdhg-k4sr-3bg7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40231?format=json","vulnerability_id":"VCID-u497-trj1-rfdj","summary":"Multiple vulnerabilities have been found in OpenJPEG, the worst of\n    which could result in the arbitrary execution of code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27814.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27814.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-27814","reference_id":"","reference_type":"","scores":[{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43658","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43716","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43752","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43684","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.4362","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43624","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43541","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43715","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.4374","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43674","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43724","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43727","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43747","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43699","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.4376","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00223","scoring_system":"epss","scoring_elements":"0.44652","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00223","scoring_system":"epss","scoring_elements":"0.44722","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00223","scoring_system":"epss","scoring_elements":"0.44737","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-27814"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15389","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15389"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27814","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27814"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27823","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27823"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27824","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27824"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27841","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27841"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27842","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27842"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27843","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27843"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27845","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27845"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6851","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6851"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8112","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8112"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/uclouvain/openjpeg/issues/1283","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/uclouvain/openjpeg/issues/1283"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1901998","reference_id":"1901998","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1901998"},{"reference_url":"https://security.archlinux.org/ASA-202012-21","reference_id":"ASA-202012-21","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202012-21"},{"reference_url":"https://security.archlinux.org/AVG-1339","reference_id":"AVG-1339","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1339"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-27814","reference_id":"CVE-2020-27814","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-27814"},{"reference_url":"https://security.gentoo.org/glsa/202101-29","reference_id":"GLSA-202101-29","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202101-29"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4251","reference_id":"RHSA-2021:4251","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4251"},{"reference_url":"https://usn.ubuntu.com/4685-1/","reference_id":"USN-4685-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4685-1/"},{"reference_url":"https://usn.ubuntu.com/4686-1/","reference_id":"USN-4686-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4686-1/"},{"reference_url":"https://usn.ubuntu.com/4880-1/","reference_id":"USN-4880-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4880-1/"},{"reference_url":"https://usn.ubuntu.com/5952-1/","reference_id":"USN-5952-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5952-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/47100?format=json","purl":"pkg:conan/openjpeg@2.4.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-an46-hxt9-57e1"},{"vulnerability":"VCID-pzv2-p44c-8qg4"},{"vulnerability":"VCID-xh3j-ufru-6fby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:conan/openjpeg@2.4.0"}],"aliases":["CVE-2020-27814"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-u497-trj1-rfdj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80759?format=json","vulnerability_id":"VCID-whsh-5urk-b3ap","summary":"openjpeg: heap-buffer-overflow write in opj_tcd_dc_level_shift_encode()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27823.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27823.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-27823","reference_id":"","reference_type":"","scores":[{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.14051","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.1404","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.13874","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.13953","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.13989","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.13963","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.13897","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.14132","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.14188","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.14004","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.14086","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.14139","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.14082","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.13988","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.13882","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16065","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.1618","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16288","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-27823"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15389","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15389"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27814","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27814"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27823","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27823"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27824","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27824"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27841","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27841"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27842","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27842"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27843","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27843"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27845","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27845"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6851","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6851"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8112","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8112"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1905762","reference_id":"1905762","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1905762"},{"reference_url":"https://security.archlinux.org/AVG-1980","reference_id":"AVG-1980","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1980"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-27823","reference_id":"CVE-2020-27823","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-27823"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4251","reference_id":"RHSA-2021:4251","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4251"},{"reference_url":"https://usn.ubuntu.com/4685-1/","reference_id":"USN-4685-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4685-1/"},{"reference_url":"https://usn.ubuntu.com/4880-1/","reference_id":"USN-4880-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4880-1/"},{"reference_url":"https://usn.ubuntu.com/5952-1/","reference_id":"USN-5952-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5952-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/47100?format=json","purl":"pkg:conan/openjpeg@2.4.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-an46-hxt9-57e1"},{"vulnerability":"VCID-pzv2-p44c-8qg4"},{"vulnerability":"VCID-xh3j-ufru-6fby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:conan/openjpeg@2.4.0"}],"aliases":["CVE-2020-27823"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-whsh-5urk-b3ap"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40239?format=json","vulnerability_id":"VCID-xc4v-2aa6-yfd6","summary":"Multiple vulnerabilities have been found in OpenJPEG, the worst of\n    which could result in the arbitrary execution of code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27843.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27843.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-27843","reference_id":"","reference_type":"","scores":[{"value":"0.00134","scoring_system":"epss","scoring_elements":"0.32926","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00134","scoring_system":"epss","scoring_elements":"0.32507","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00134","scoring_system":"epss","scoring_elements":"0.32434","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00134","scoring_system":"epss","scoring_elements":"0.32497","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00134","scoring_system":"epss","scoring_elements":"0.33055","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00134","scoring_system":"epss","scoring_elements":"0.33088","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00134","scoring_system":"epss","scoring_elements":"0.32918","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00134","scoring_system":"epss","scoring_elements":"0.32964","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00134","scoring_system":"epss","scoring_elements":"0.32994","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00134","scoring_system":"epss","scoring_elements":"0.32997","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00134","scoring_system":"epss","scoring_elements":"0.32959","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00134","scoring_system":"epss","scoring_elements":"0.32934","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00134","scoring_system":"epss","scoring_elements":"0.32976","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00134","scoring_system":"epss","scoring_elements":"0.32954","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00134","scoring_system":"epss","scoring_elements":"0.32917","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00134","scoring_system":"epss","scoring_elements":"0.3277","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00134","scoring_system":"epss","scoring_elements":"0.32657","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00134","scoring_system":"epss","scoring_elements":"0.32573","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-27843"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15389","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15389"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27814","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27814"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27823","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27823"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27824","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27824"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27841","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27841"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27842","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27842"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27843","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27843"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27845","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27845"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6851","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6851"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8112","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8112"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1907516","reference_id":"1907516","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1907516"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=983663","reference_id":"983663","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=983663"},{"reference_url":"https://security.archlinux.org/ASA-202012-21","reference_id":"ASA-202012-21","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202012-21"},{"reference_url":"https://security.archlinux.org/AVG-1339","reference_id":"AVG-1339","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1339"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-27843","reference_id":"CVE-2020-27843","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-27843"},{"reference_url":"https://security.gentoo.org/glsa/202101-29","reference_id":"GLSA-202101-29","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202101-29"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4251","reference_id":"RHSA-2021:4251","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4251"},{"reference_url":"https://usn.ubuntu.com/4685-1/","reference_id":"USN-4685-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4685-1/"},{"reference_url":"https://usn.ubuntu.com/4686-1/","reference_id":"USN-4686-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4686-1/"},{"reference_url":"https://usn.ubuntu.com/5952-1/","reference_id":"USN-5952-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5952-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/47100?format=json","purl":"pkg:conan/openjpeg@2.4.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-an46-hxt9-57e1"},{"vulnerability":"VCID-pzv2-p44c-8qg4"},{"vulnerability":"VCID-xh3j-ufru-6fby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:conan/openjpeg@2.4.0"}],"aliases":["CVE-2020-27843"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xc4v-2aa6-yfd6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40240?format=json","vulnerability_id":"VCID-xd8s-688v-tbd7","summary":"Multiple vulnerabilities have been found in OpenJPEG, the worst of\n    which could result in the arbitrary execution of code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27844.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27844.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-27844","reference_id":"","reference_type":"","scores":[{"value":"0.00778","scoring_system":"epss","scoring_elements":"0.73599","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00778","scoring_system":"epss","scoring_elements":"0.73676","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00778","scoring_system":"epss","scoring_elements":"0.73608","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00778","scoring_system":"epss","scoring_elements":"0.73632","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00778","scoring_system":"epss","scoring_elements":"0.73604","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00778","scoring_system":"epss","scoring_elements":"0.7364","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00778","scoring_system":"epss","scoring_elements":"0.73653","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00778","scoring_system":"epss","scoring_elements":"0.73658","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00778","scoring_system":"epss","scoring_elements":"0.7365","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00778","scoring_system":"epss","scoring_elements":"0.73694","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00778","scoring_system":"epss","scoring_elements":"0.73703","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01994","scoring_system":"epss","scoring_elements":"0.83699","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01994","scoring_system":"epss","scoring_elements":"0.83722","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01994","scoring_system":"epss","scoring_elements":"0.83759","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01994","scoring_system":"epss","scoring_elements":"0.83663","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01994","scoring_system":"epss","scoring_elements":"0.83687","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01994","scoring_system":"epss","scoring_elements":"0.83694","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01994","scoring_system":"epss","scoring_elements":"0.83741","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-27844"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1907521","reference_id":"1907521","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1907521"},{"reference_url":"https://security.archlinux.org/ASA-202103-19","reference_id":"ASA-202103-19","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202103-19"},{"reference_url":"https://security.archlinux.org/AVG-1361","reference_id":"AVG-1361","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1361"},{"reference_url":"https://security.archlinux.org/AVG-1631","reference_id":"AVG-1631","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1631"},{"reference_url":"https://security.archlinux.org/AVG-1633","reference_id":"AVG-1633","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1633"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-27844","reference_id":"CVE-2020-27844","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-27844"},{"reference_url":"https://security.gentoo.org/glsa/202101-29","reference_id":"GLSA-202101-29","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202101-29"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/47100?format=json","purl":"pkg:conan/openjpeg@2.4.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-an46-hxt9-57e1"},{"vulnerability":"VCID-pzv2-p44c-8qg4"},{"vulnerability":"VCID-xh3j-ufru-6fby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:conan/openjpeg@2.4.0"}],"aliases":["CVE-2020-27844"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xd8s-688v-tbd7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40241?format=json","vulnerability_id":"VCID-zgaa-57ak-jbex","summary":"Multiple vulnerabilities have been found in OpenJPEG, the worst of\n    which could result in the arbitrary execution of code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27845.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27845.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-27845","reference_id":"","reference_type":"","scores":[{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.29845","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.29387","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.2931","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.29373","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.2989","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.29938","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.2975","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.29812","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.29847","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.29856","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.2981","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.2976","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.29779","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.29758","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.29714","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.29634","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.2952","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.29457","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-27845"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15389","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15389"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27814","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27814"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27823","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27823"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27824","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27824"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27841","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27841"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27842","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27842"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27843","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27843"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27845","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27845"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6851","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6851"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8112","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8112"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1907523","reference_id":"1907523","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1907523"},{"reference_url":"https://security.archlinux.org/ASA-202012-21","reference_id":"ASA-202012-21","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202012-21"},{"reference_url":"https://security.archlinux.org/AVG-1339","reference_id":"AVG-1339","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1339"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-27845","reference_id":"CVE-2020-27845","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-27845"},{"reference_url":"https://security.gentoo.org/glsa/202101-29","reference_id":"GLSA-202101-29","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202101-29"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4251","reference_id":"RHSA-2021:4251","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4251"},{"reference_url":"https://usn.ubuntu.com/4685-1/","reference_id":"USN-4685-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4685-1/"},{"reference_url":"https://usn.ubuntu.com/4686-1/","reference_id":"USN-4686-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4686-1/"},{"reference_url":"https://usn.ubuntu.com/4880-1/","reference_id":"USN-4880-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4880-1/"},{"reference_url":"https://usn.ubuntu.com/5952-1/","reference_id":"USN-5952-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5952-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/47100?format=json","purl":"pkg:conan/openjpeg@2.4.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-an46-hxt9-57e1"},{"vulnerability":"VCID-pzv2-p44c-8qg4"},{"vulnerability":"VCID-xh3j-ufru-6fby"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:conan/openjpeg@2.4.0"}],"aliases":["CVE-2020-27845"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zgaa-57ak-jbex"}],"risk_score":"3.4","resource_url":"http://public2.vulnerablecode.io/packages/pkg:conan/openjpeg@2.4.0"}