Search CVE reports
31 – 40 of 90 results
CVE-2016-9580
Medium priorityAn integer overflow vulnerability was found in tiftoimage function in openjpeg 2.1.2, resulting in heap buffer overflow.
2 affected packages
openjpeg, openjpeg2
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
openjpeg | — | Not in release | Not in release | Not in release | Ignored |
openjpeg2 | — | Not affected | Not affected | Not affected | Not affected |
CVE-2016-9572
Medium prioritySome fixes available 1 of 6
A NULL pointer dereference flaw was found in the way openjpeg 2.1.2 decoded certain input images. Due to a logic error in the code responsible for decoding the input image, an application using openjpeg to process image data could...
2 affected packages
openjpeg, openjpeg2
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
openjpeg | — | Not in release | Not in release | Not in release | Ignored |
openjpeg2 | — | Not affected | Not affected | Not affected | Fixed |
CVE-2016-9581
Medium priorityAn infinite loop vulnerability in tiftoimage that results in heap buffer overflow in convert_32s_C1P1 was found in openjpeg 2.1.2.
2 affected packages
openjpeg, openjpeg2
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
openjpeg | — | Not in release | Not in release | Not in release | Ignored |
openjpeg2 | — | Not affected | Not affected | Not affected | Not affected |
CVE-2016-9573
Medium prioritySome fixes available 1 of 6
An out-of-bounds read vulnerability was found in OpenJPEG 2.1.2, in the j2k_to_image tool. Converting a specially crafted JPEG2000 file to another format could cause the application to crash or, potentially, disclose some data...
2 affected packages
openjpeg, openjpeg2
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
openjpeg | — | Not in release | Not in release | Not in release | Ignored |
openjpeg2 | — | Not affected | Not affected | Not affected | Fixed |
CVE-2018-14423
Low prioritySome fixes available 2 of 5
Division-by-zero vulnerabilities in the functions pi_next_pcrl, pi_next_cprl, and pi_next_rpcl in lib/openjp3d/pi.c in OpenJPEG through 2.3.0 allow remote attackers to cause a denial of service (application crash).
2 affected packages
openjpeg, openjpeg2
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
openjpeg | — | Not in release | Not in release | Not in release | Not affected |
openjpeg2 | — | Not affected | Not affected | Fixed | Fixed |
CVE-2014-0158
Medium priorityHeap-based buffer overflow in the JPEG2000 image tile decoder in OpenJPEG before 1.5.2 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file because...
1 affected packages
openjpeg
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
openjpeg | — | — | — | — | — |
CVE-2018-7648
Medium priorityAn issue was discovered in mj2/opj_mj2_extract.c in OpenJPEG 2.3.0. The output prefix was not checked for length, which could overflow a buffer, when providing a prefix with 50 or more characters on the command line.
2 affected packages
openjpeg, openjpeg2
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
openjpeg | — | — | — | — | Not affected |
openjpeg2 | — | — | — | — | Not affected |
CVE-2018-6616
Medium prioritySome fixes available 2 of 4
In OpenJPEG 2.3.0, there is excessive iteration in the opj_t1_encode_cblks function of openjp2/t1.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file.
2 affected packages
openjpeg, openjpeg2
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
openjpeg | — | — | — | Not in release | Not affected |
openjpeg2 | — | — | — | Fixed | Fixed |
CVE-2018-5785
Medium prioritySome fixes available 2 of 4
In OpenJPEG 2.3.0, there is an integer overflow caused by an out-of-bounds left shift in the opj_j2k_setup_encoder function (openjp2/j2k.c). Remote attackers could leverage this vulnerability to cause a denial of service via a...
2 affected packages
openjpeg, openjpeg2
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
openjpeg | — | — | — | Not in release | Not affected |
openjpeg2 | — | — | — | Fixed | Fixed |
CVE-2018-5727
Negligible prioritySome fixes available 4 of 10
In OpenJPEG 2.3.0, there is an integer overflow vulnerability in the opj_t1_encode_cblks function (openjp2/t1.c). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file.
3 affected packages
ghostscript, openjpeg, openjpeg2
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
ghostscript | — | Not affected | Not affected | Fixed | Fixed |
openjpeg | — | Not in release | Not in release | Not in release | Ignored |
openjpeg2 | — | Not affected | Not affected | Fixed | Fixed |