CVE-2022-1122
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2022-1122
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
A flaw was found in the opj2_decompress program in openjpeg2 2.4.0 in the way it handles an input directory with a large number of files. When it fails to allocate a buffer to store the filenames of the input directory, it calls free() on an uninitialized pointer, leading to a segmentation fault and a denial of service.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
初始化不恰当
Source: NVD (National Vulnerability Database)
Vulnerability Title
OpenJPEG 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
OpenJPEG是一款基于C语言的开源JPEG2000编码解码器。 OpenJPEG 2.4.0版本存在安全漏洞,该漏洞源于opj2_decompress程序当它未能分配缓冲区来存储输入目录的文件名时,它会在未初始化的指针上调用free(),从而导致分段错误和拒绝服务。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | openjpeg2 | openjpeg2 version 2.4.0 and prior | - |
II. Public POCs for CVE-2022-1122
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2022-1122
Please Login to view more intelligence information
- https://github.com/uclouvain/openjpeg/issues/1368x_refsource_MISC
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MIWSQFQWXDU4MT3XTVAO6HC7TVL3NHS7/vendor-advisoryx_refsource_FEDORA
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ROSN5NRUFOH7HGLJ4ZSKPGAKLFXJALW4/vendor-advisoryx_refsource_FEDORA
- https://nvd.nist.gov/vuln/detail/CVE-2022-1122
Same Patch Batch · n/a · 2022-03-29 · 37 CVEs total
| CVE-2022-26951 | 6.5 MEDIUM | RSA Archer 跨站脚本漏洞 |
| CVE-2022-26947 | 6.3 MEDIUM | RSA Archer跨站脚本漏洞 |
| CVE-2022-26948 | 5.8 MEDIUM | RSA Archer安全漏洞 |
| CVE-2022-26950 | 5.4 MEDIUM | RSA Archer 输入验证错误漏洞 |
| CVE-2022-26949 | 5.3 MEDIUM | RSA Archer 安全漏洞 |
| CVE-2022-23937 | 5.3 MEDIUM | Wind River VxWorks 缓冲区错误漏洞 |
| CVE-2015-3298 | Yubico ykneo-openpgp 数据伪造问题漏洞 | |
| CVE-2021-42970 | cxuucms跨站脚本漏洞 | |
| CVE-2022-22948 | VMware vCenter Server 安全漏洞 | |
| CVE-2021-43109 | PuneethReddyHc Online Shopping System Advanced SQL注入漏洞 | |
| CVE-2021-43110 | PuneethReddyHc Online Shopping System Advanced 访问控制错误漏洞 | |
| CVE-2021-42911 | Draytek多款产品格式化字符串错误漏洞 | |
| CVE-2021-43118 | 多款 DrayTek Vigor 产品命令注入漏洞 | |
| CVE-2021-44082 | Textpattern CMS 跨站脚本漏洞 | |
| CVE-2022-26244 | Sourcecodester Hospital Patient Records Management System 跨站脚本漏洞 | |
| CVE-2021-44081 | Open5Gs 缓冲区错误漏洞 | |
| CVE-2022-27815 | SWHKD 后置链接漏洞 | |
| CVE-2022-27432 | Pluck 跨站请求伪造漏洞 | |
| CVE-2021-41594 | RSA Archer 安全漏洞 | |
| CVE-2021-44581 | Kreado Kreasfero SQL注入漏洞 |
Showing top 20 of 37 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8251
Open5GS SMF npcf-handler.c update_authorized_pcc_rule_and_qo - CVE-2026-8250
Open5GS SMF n4-build.c smf_n4_build_qos_flow_to_modify_list - CVE-2026-8249
Open5GS SMF npcf-handler.c update_authorized_pcc_rule_and_qo - CVE-2026-8248
Open5GS SMF npcf-handler.c update_authorized_pcc_rule_and_qo - CVE-2026-8226
Open5GS types.c ogs_pcc_rule_install_flow_from_media denial
V. Comments for CVE-2022-1122
No comments yet