Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
uclouvain openjpeg 2.3.1 vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2020-8112
opj_t1_clbl_decode_processor in openjp2/t1.c in OpenJPEG 2.3.1 through 2020-01-28 has a heap-based buffer overflow in the qmfbid==1 case, a different issue than CVE-2020-6851.
Uclouvain Openjpeg 2.3.1
Debian Debian Linux 8.0
6.5
CVSSv3
CVE-2018-20846
Out-of-bounds accesses in the functions pi_next_lrcp, pi_next_rlcp, pi_next_rpcl, pi_next_pcrl, pi_next_rpcl, and pi_next_cprl in openmj2/pi.c in OpenJPEG up to and including 2.3.0 allow remote malicious users to cause a denial of service (application crash).
Uclouvain Openjpeg
8.8
CVSSv3
CVE-2018-16376
An issue exists in OpenJPEG 2.3.0. A heap-based buffer overflow exists in the function t2_encode_packet in lib/openmj2/t2.c. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service or possibly unspecified other impact.
Uclouvain Openjpeg 2.3.0
6.5
CVSSv3
CVE-2018-20845
Division-by-zero vulnerabilities in the functions pi_next_pcrl, pi_next_cprl, and pi_next_rpcl in openmj2/pi.c in OpenJPEG up to and including 2.3.0 allow remote malicious users to cause a denial of service (application crash).
Uclouvain Openjpeg
8.8
CVSSv3
CVE-2018-21010
OpenJPEG prior to 2.3.1 has a heap buffer overflow in color_apply_icc_profile in bin/common/color.c.
Uclouvain Openjpeg
Debian Debian Linux 8.0
6.5
CVSSv3
CVE-2018-5727
In OpenJPEG 2.3.0, there is an integer overflow vulnerability in the opj_t1_encode_cblks function (openjp2/t1.c). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file.
Uclouvain Openjpeg 2.3.0
8.8
CVSSv3
CVE-2018-20847
An improper computation of p_tx0, p_tx1, p_ty0 and p_ty1 in the function opj_get_encoding_parameters in openjp2/pi.c in OpenJPEG up to and including 2.3.0 can lead to an integer overflow.
Uclouvain Openjpeg
Debian Debian Linux 8.0
7.8
CVSSv3
CVE-2020-27814
A heap-buffer overflow was found in the way openjpeg2 handled certain PNG format files. An attacker could use this flaw to cause an application crash or in some cases execute arbitrary code with the permission of the user running such an application.
Uclouvain Openjpeg
Debian Debian Linux 9.0
Debian Debian Linux 10.0
5.5
CVSSv3
CVE-2019-12973
In OpenJPEG 2.3.1, there is excessive iteration in the opj_t1_encode_cblks function of openjp2/t1.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file. This issue is similar to CVE-2018-6616.
Uclouvain Openjpeg 2.3.1
Opensuse Leap 15.0
Opensuse Leap 15.1
Debian Debian Linux 9.0
Oracle Database Server 18c
Oracle Outside In Technology 8.5.4
Oracle Outside In Technology 8.5.5
6.5
CVSSv3
CVE-2018-5785
In OpenJPEG 2.3.0, there is an integer overflow caused by an out-of-bounds left shift in the opj_j2k_setup_encoder function (openjp2/j2k.c). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file.
Uclouvain Openjpeg 2.3.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 18.04
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »