{"containers":{"cna":{"affected":[{"product":"openjpeg2","vendor":"n/a","versions":[{"status":"affected","version":"openjpeg2 version 2.4.0 and prior"}]}],"descriptions":[{"lang":"en","value":"A flaw was found in the opj2_decompress program in openjpeg2 2.4.0 in the way it handles an input directory with a large number of files. When it fails to allocate a buffer to store the filenames of the input directory, it calls free() on an uninitialized pointer, leading to a segmentation fault and a denial of service."}],"problemTypes":[{"descriptions":[{"cweId":"CWE-665","description":"CWE-665->CWE-824","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2022-09-07T04:06:31.000Z","orgId":"53f830b8-0a3f-465b-8143-3b8a9948e749","shortName":"redhat"},"references":[{"tags":["x_refsource_MISC"],"url":"https://github.com/uclouvain/openjpeg/issues/1368"},{"name":"FEDORA-2022-9515529c96","tags":["vendor-advisory","x_refsource_FEDORA"],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ROSN5NRUFOH7HGLJ4ZSKPGAKLFXJALW4/"},{"name":"[debian-lts-announce] 20220410 [SECURITY] [DLA 2975-1] openjpeg2 security update","tags":["mailing-list","x_refsource_MLIST"],"url":"https://lists.debian.org/debian-lts-announce/2022/04/msg00006.html"},{"name":"FEDORA-2022-2d112d4480","tags":["vendor-advisory","x_refsource_FEDORA"],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MIWSQFQWXDU4MT3XTVAO6HC7TVL3NHS7/"},{"name":"FEDORA-2022-975e21444a","tags":["vendor-advisory","x_refsource_FEDORA"],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RMKBAMK2CAM5TMC5TODKVCE5AAPTD5YV/"},{"name":"GLSA-202209-04","tags":["vendor-advisory","x_refsource_GENTOO"],"url":"https://security.gentoo.org/glsa/202209-04"}]},"adp":[{"title":"CVE Program Container","references":[{"tags":["x_refsource_MISC","x_transferred"],"url":"https://github.com/uclouvain/openjpeg/issues/1368"},{"name":"FEDORA-2022-9515529c96","tags":["vendor-advisory","x_refsource_FEDORA","x_transferred"],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ROSN5NRUFOH7HGLJ4ZSKPGAKLFXJALW4/"},{"name":"[debian-lts-announce] 20220410 [SECURITY] [DLA 2975-1] openjpeg2 security update","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"https://lists.debian.org/debian-lts-announce/2022/04/msg00006.html"},{"name":"FEDORA-2022-2d112d4480","tags":["vendor-advisory","x_refsource_FEDORA","x_transferred"],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MIWSQFQWXDU4MT3XTVAO6HC7TVL3NHS7/"},{"name":"FEDORA-2022-975e21444a","tags":["vendor-advisory","x_refsource_FEDORA","x_transferred"],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RMKBAMK2CAM5TMC5TODKVCE5AAPTD5YV/"},{"name":"GLSA-202209-04","tags":["vendor-advisory","x_refsource_GENTOO","x_transferred"],"url":"https://security.gentoo.org/glsa/202209-04"},{"url":"https://lists.debian.org/debian-lts-announce/2025/04/msg00002.html"}],"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2025-11-03T19:26:42.585Z"}}]},"cveMetadata":{"assignerOrgId":"53f830b8-0a3f-465b-8143-3b8a9948e749","assignerShortName":"redhat","cveId":"CVE-2022-1122","datePublished":"2022-03-29T17:25:44.000Z","dateReserved":"2022-03-28T00:00:00.000Z","dateUpdated":"2025-11-03T19:26:42.585Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.2"}