Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
uclouvain openjpeg 2.3.0 vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2019-6988
An issue exists in OpenJPEG 2.3.0. It allows remote malicious users to cause a denial of service (attempted excessive memory allocation) in opj_calloc in openjp2/opj_malloc.c, when called from opj_tcd_init_tile in openjp2/tcd.c, as demonstrated by the 64-bit opj_decompress.
Uclouvain Openjpeg 2.3.0
9.8
CVSSv3
CVE-2018-7648
An issue exists in mj2/opj_mj2_extract.c in OpenJPEG 2.3.0. The output prefix was not checked for length, which could overflow a buffer, when providing a prefix with 50 or more characters on the command line.
Uclouvain Openjpeg 2.3.0
6.5
CVSSv3
CVE-2018-5727
In OpenJPEG 2.3.0, there is an integer overflow vulnerability in the opj_t1_encode_cblks function (openjp2/t1.c). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file.
Uclouvain Openjpeg 2.3.0
8.8
CVSSv3
CVE-2018-16375
An issue exists in OpenJPEG 2.3.0. Missing checks for header_info.height and header_info.width in the function pnmtoimage in bin/jpwl/convert.c can lead to a heap-based buffer overflow.
Uclouvain Openjpeg 2.3.0
8.8
CVSSv3
CVE-2018-16376
An issue exists in OpenJPEG 2.3.0. A heap-based buffer overflow exists in the function t2_encode_packet in lib/openmj2/t2.c. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service or possibly unspecified other impact.
Uclouvain Openjpeg 2.3.0
9.8
CVSSv3
CVE-2017-17479
In OpenJPEG 2.3.0, a stack-based buffer overflow exists in the pgxtoimage function in jpwl/convert.c. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service or possibly remote code execution.
Uclouvain Openjpeg 2.3.0
6.5
CVSSv3
CVE-2018-18088
OpenJPEG 2.3.0 has a NULL pointer dereference for "red" in the imagetopnm function of jp2/convert.c
Uclouvain Openjpeg 2.3.0
Debian Debian Linux 9.0
Debian Debian Linux 8.0
6.5
CVSSv3
CVE-2018-5785
In OpenJPEG 2.3.0, there is an integer overflow caused by an out-of-bounds left shift in the opj_j2k_setup_encoder function (openjp2/j2k.c). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file.
Uclouvain Openjpeg 2.3.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 18.04
6.5
CVSSv3
CVE-2018-20846
Out-of-bounds accesses in the functions pi_next_lrcp, pi_next_rlcp, pi_next_rpcl, pi_next_pcrl, pi_next_rpcl, and pi_next_cprl in openmj2/pi.c in OpenJPEG up to and including 2.3.0 allow remote malicious users to cause a denial of service (application crash).
Uclouvain Openjpeg
6.5
CVSSv3
CVE-2018-20845
Division-by-zero vulnerabilities in the functions pi_next_pcrl, pi_next_cprl, and pi_next_rpcl in openmj2/pi.c in OpenJPEG up to and including 2.3.0 allow remote malicious users to cause a denial of service (application crash).
Uclouvain Openjpeg
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
administrator privileges
CVE-2024-1579
hardcoded
CVE-2023-20198
CVE-2024-33587
CVE-2024-33449
CVE-2024-4308
HTML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »