Search CVE reports
51 – 60 of 74 results
CVE-2016-10504
Medium prioritySome fixes available 2 of 3
Heap-based buffer overflow vulnerability in the opj_mqc_byteout function in mqc.c in OpenJPEG before 2.2.0 allows remote attackers to cause a denial of service (application crash) via a crafted bmp file.
2 affected packages
openjpeg, openjpeg2
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| openjpeg | — | — | — | Not in release | Ignored |
| openjpeg2 | — | — | — | Not affected | Fixed |
CVE-2017-12982
Low prioritySome fixes available 2 of 5
The bmp_read_info_header function in bin/jp2/convertbmp.c in OpenJPEG 2.2.0 does not reject headers with a zero biBitCount, which allows remote attackers to cause a denial of service (memory allocation failure) in...
3 affected packages
ghostscript, openjpeg, openjpeg2
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| ghostscript | — | Not affected | Not affected | Not affected | Not affected |
| openjpeg | — | Not in release | Not in release | Not in release | Not affected |
| openjpeg2 | — | Not affected | Not affected | Fixed | Fixed |
CVE-2016-4797
Medium prioritySome fixes available 1 of 2
Divide-by-zero vulnerability in the opj_tcd_init_tile function in tcd.c in OpenJPEG before 2.1.1 allows remote attackers to cause a denial of service (application crash) via a crafted jp2 file. NOTE: this issue exists because of...
2 affected packages
openjpeg, openjpeg2
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| openjpeg | — | — | — | Not in release | Ignored |
| openjpeg2 | — | — | — | Not affected | Fixed |
CVE-2016-4796
Medium priorityHeap-based buffer overflow in the color_cmyk_to_rgb in common/color.c in OpenJPEG before 2.1.1 allows remote attackers to cause a denial of service (crash) via a crafted .j2k file.
2 affected packages
openjpeg, openjpeg2
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| openjpeg | — | — | — | — | Not affected |
| openjpeg2 | — | — | — | — | Not affected |
CVE-2016-3183
Medium prioritySome fixes available 1 of 2
The sycc422_t_rgb function in common/color.c in OpenJPEG before 2.1.1 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted jpeg2000 file.
2 affected packages
openjpeg, openjpeg2
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| openjpeg | — | — | — | Not in release | Ignored |
| openjpeg2 | — | — | — | Not affected | Fixed |
CVE-2016-9675
Medium priorityopenjpeg: A heap-based buffer overflow flaw was found in the patch for CVE-2013-6045. A crafted j2k image could cause the application to crash, or potentially execute arbitrary code.
2 affected packages
openjpeg, openjpeg2
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| openjpeg | Not in release | Not in release | Not in release | Not in release | Not affected |
| openjpeg2 | Not affected | Not affected | Not affected | Not affected | Not affected |
CVE-2016-9118
Medium prioritySome fixes available 2 of 6
Heap Buffer Overflow (WRITE of size 4) in function pnmtoimage of convert.c:1719 in OpenJPEG 2.1.2.
2 affected packages
openjpeg, openjpeg2
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| openjpeg | — | Not in release | Not in release | Not in release | Ignored |
| openjpeg2 | — | Not affected | Not affected | Not affected | Fixed |
CVE-2016-9117
Low priorityNULL Pointer Access in function imagetopnm of convert.c(jp2):1289 in OpenJPEG 2.1.2. Impact is Denial of Service. Someone must open a crafted j2k file.
3 affected packages
ghostscript, openjpeg, openjpeg2
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| ghostscript | Not affected | Not affected | Not affected | Not affected | Not affected |
| openjpeg | Not in release | Not in release | Not in release | Not in release | Ignored |
| openjpeg2 | Not affected | Not affected | Not affected | Not affected | Vulnerable |
CVE-2016-9116
Low priorityNULL Pointer Access in function imagetopnm of convert.c:2226(jp2) in OpenJPEG 2.1.2. Impact is Denial of Service. Someone must open a crafted j2k file.
3 affected packages
ghostscript, openjpeg, openjpeg2
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| ghostscript | Not affected | Not affected | Not affected | Not affected | Not affected |
| openjpeg | Not in release | Not in release | Not in release | Not in release | Ignored |
| openjpeg2 | Not affected | Not affected | Not affected | Not affected | Vulnerable |
CVE-2016-9115
Low priorityHeap Buffer Over-read in function imagetotga of convert.c(jp2):942 in OpenJPEG 2.1.2. Impact is Denial of Service. Someone must open a crafted j2k file.
3 affected packages
ghostscript, openjpeg, openjpeg2
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| ghostscript | Not affected | Not affected | Not affected | Not affected | Not affected |
| openjpeg | Not in release | Not in release | Not in release | Not in release | Ignored |
| openjpeg2 | Not affected | Not affected | Not affected | Not affected | Vulnerable |