Heap-based Buffer Overflow in Grok 9.5.0's openhtj2k::T1OpenHTJ2K::decompress

Heap-based Buffer Overflow in Grok 9.5.0's openhtj2k::T1OpenHTJ2K::decompress

CVE-2021-45935 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Grok 9.5.0 has a heap-based buffer overflow in openhtj2k::T1OpenHTJ2K::decompress (called from std::__1::__packaged_task_func<std::__1::__bind<grk::T1DecompressScheduler::deco and std::__1::packaged_task<int).

Learn more about our Cis Benchmark Audit For Bind.