Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openjpeg vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2016-1923
Heap-based buffer overflow in the opj_j2k_update_image_data function in OpenJpeg 2016.1.18 allows remote malicious users to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG 2000 image.
Uclouvain Openjpeg 2.1.0
10
CVSSv2
CVE-2012-3358
Multiple heap-based buffer overflows in the j2k_read_sot function in j2k.c in OpenJPEG 1.5 allow remote malicious users to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted (1) tile number or (2) tile length in a JPEG 2000 image file.
Uclouvain Openjpeg 1.5
6.8
CVSSv2
CVE-2018-16376
An issue exists in OpenJPEG 2.3.0. A heap-based buffer overflow exists in the function t2_encode_packet in lib/openmj2/t2.c. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service or possibly unspecified other impact.
Uclouvain Openjpeg 2.3.0
5
CVSSv2
CVE-2016-7445
convert.c in OpenJPEG prior to 2.1.2 allows remote malicious users to cause a denial of service (NULL pointer dereference and application crash) via vectors involving the variable s.
Uclouvain Openjpeg
Opensuse Leap 42.1
6.8
CVSSv2
CVE-2018-20847
An improper computation of p_tx0, p_tx1, p_ty0 and p_ty1 in the function opj_get_encoding_parameters in openjp2/pi.c in OpenJPEG up to and including 2.3.0 can lead to an integer overflow.
Uclouvain Openjpeg
Debian Debian Linux 8.0
6.8
CVSSv2
CVE-2018-21010
OpenJPEG prior to 2.3.1 has a heap buffer overflow in color_apply_icc_profile in bin/common/color.c.
Uclouvain Openjpeg
Debian Debian Linux 8.0
7.5
CVSSv2
CVE-2015-8871
Use-after-free vulnerability in the opj_j2k_write_mco function in j2k.c in OpenJPEG prior to 2.1.1 allows remote malicious users to have unspecified impact via unknown vectors.
Debian Debian Linux 8.0
Uclouvain Openjpeg
1 Github repository
6.8
CVSSv2
CVE-2020-8112
opj_t1_clbl_decode_processor in openjp2/t1.c in OpenJPEG 2.3.1 through 2020-01-28 has a heap-based buffer overflow in the qmfbid==1 case, a different issue than CVE-2020-6851.
Uclouvain Openjpeg 2.3.1
Debian Debian Linux 8.0
4.3
CVSSv2
CVE-2016-4796
Heap-based buffer overflow in the color_cmyk_to_rgb in common/color.c in OpenJPEG prior to 2.1.1 allows remote malicious users to cause a denial of service (crash) via a crafted .j2k file.
Uclouvain Openjpeg
Fedoraproject Fedora 24
Fedoraproject Fedora 23
4.3
CVSSv2
CVE-2016-4797
Divide-by-zero vulnerability in the opj_tcd_init_tile function in tcd.c in OpenJPEG prior to 2.1.1 allows remote malicious users to cause a denial of service (application crash) via a crafted jp2 file. NOTE: this issue exists because of an incorrect fix for CVE-2014-7947.
Uclouvain Openjpeg
Fedoraproject Fedora 24
Fedoraproject Fedora 23
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27802
template injection
CVE-2024-0044
code injection
CVE-2024-35474
CVE-2024-27857
CVE-2024-23251
CVE-2024-23692
physical
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »