Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
uclouvain openjpeg 2.3.0 vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2018-7648
An issue exists in mj2/opj_mj2_extract.c in OpenJPEG 2.3.0. The output prefix was not checked for length, which could overflow a buffer, when providing a prefix with 50 or more characters on the command line.
Uclouvain Openjpeg 2.3.0
9.8
CVSSv3
CVE-2017-17480
In OpenJPEG 2.3.0, a stack-based buffer overflow exists in the pgxtovolume function in jp3d/convert.c. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service or possibly remote code execution.
Uclouvain Openjpeg 2.3.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 18.04
9.8
CVSSv3
CVE-2017-17479
In OpenJPEG 2.3.0, a stack-based buffer overflow exists in the pgxtoimage function in jpwl/convert.c. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service or possibly remote code execution.
Uclouvain Openjpeg 2.3.0
8.8
CVSSv3
CVE-2020-8112
opj_t1_clbl_decode_processor in openjp2/t1.c in OpenJPEG 2.3.1 through 2020-01-28 has a heap-based buffer overflow in the qmfbid==1 case, a different issue than CVE-2020-6851.
Uclouvain Openjpeg 2.3.1
Debian Debian Linux 8.0
8.8
CVSSv3
CVE-2018-20847
An improper computation of p_tx0, p_tx1, p_ty0 and p_ty1 in the function opj_get_encoding_parameters in openjp2/pi.c in OpenJPEG up to and including 2.3.0 can lead to an integer overflow.
Uclouvain Openjpeg
Debian Debian Linux 8.0
8.8
CVSSv3
CVE-2018-16375
An issue exists in OpenJPEG 2.3.0. Missing checks for header_info.height and header_info.width in the function pnmtoimage in bin/jpwl/convert.c can lead to a heap-based buffer overflow.
Uclouvain Openjpeg 2.3.0
8.8
CVSSv3
CVE-2018-16376
An issue exists in OpenJPEG 2.3.0. A heap-based buffer overflow exists in the function t2_encode_packet in lib/openmj2/t2.c. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service or possibly unspecified other impact.
Uclouvain Openjpeg 2.3.0
7.8
CVSSv3
CVE-2021-3575
A heap-based buffer overflow was found in openjpeg in color.c:379:42 in sycc420_to_rgb when decompressing a crafted .j2k file. An attacker could use this to execute arbitrary code with the permissions of the application compiled against openjpeg.
Uclouvain Openjpeg
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux 8.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
7.8
CVSSv3
CVE-2020-27823
A flaw was found in OpenJPEG’s encoder. This flaw allows an malicious user to pass specially crafted x,y offset input to OpenJPEG to use during encoding. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
Uclouvain Openjpeg
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Debian Debian Linux 9.0
Debian Debian Linux 10.0
7.8
CVSSv3
CVE-2020-27814
A heap-buffer overflow was found in the way openjpeg2 handled certain PNG format files. An attacker could use this flaw to cause an application crash or in some cases execute arbitrary code with the permission of the user running such an application.
Uclouvain Openjpeg
Debian Debian Linux 9.0
Debian Debian Linux 10.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »