Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openjpeg vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2013-4289
Multiple integer overflows in lib/openjp3d/jp3d.c in OpenJPEG prior to 1.5.2 allow remote malicious users to have unspecified impact and vectors, which trigger a heap-based buffer overflow.
Uclouvain Openjpeg
Uclouvain Openjpeg 1.5
Uclouvain Openjpeg 1.4
Uclouvain Openjpeg 1.3
NA
CVE-2013-4290
Stack-based buffer overflow in OpenJPEG prior to 1.5.2 allows remote malicious users to have unspecified impact via unknown vectors to (1) lib/openjp3d/opj_jp3d_compress.c, (2) bin/jp3d/convert.c, or (3) lib/openjp3d/event.c.
Uclouvain Openjpeg 1.3
Uclouvain Openjpeg 1.5
Uclouvain Openjpeg 1.4
Uclouvain Openjpeg
NA
CVE-2012-3535
Heap-based buffer overflow in OpenJPEG 1.5.0 and previous versions allows remote malicious users to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted JPEG2000 file.
Uclouvain Openjpeg 1.3
Uclouvain Openjpeg 1.4
Uclouvain Openjpeg
NA
CVE-2009-5030
The tcd_free_encode function in tcd.c in OpenJPEG 1.3 up to and including 1.5 allows remote malicious users to cause a denial of service (memory corruption) and possibly execute arbitrary code via crafted tile information in a Gray16 TIFF image, which causes insufficient memory t...
Uclouvain Openjpeg 1.3
Uclouvain Openjpeg 1.4
Uclouvain Openjpeg 1.5
NA
CVE-2012-1499
The JPEG 2000 codec (jp2.c) in OpenJPEG prior to 1.5 allows remote malicious users to execute arbitrary code via a crafted palette index in a CMAP record of a JPEG image, which triggers memory corruption, aka "out-of heap-based buffer write."
Uclouvain Openjpeg
Uclouvain Openjpeg 1.3
8.8
CVSSv3
CVE-2017-14164
A size-validation issue exists in opj_j2k_write_sot in lib/openjp2/j2k.c in OpenJPEG 2.2.0. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service (heap-based buffer overflow affecting opj_write_bytes_LE in lib/openjp2/cio.c) or possibly remot...
Uclouvain Openjpeg
5.5
CVSSv3
CVE-2016-3183
The sycc422_t_rgb function in common/color.c in OpenJPEG prior to 2.1.1 allows remote malicious users to cause a denial of service (out-of-bounds read) via a crafted jpeg2000 file.
Uclouvain Openjpeg
5.5
CVSSv3
CVE-2017-12982
The bmp_read_info_header function in bin/jp2/convertbmp.c in OpenJPEG 2.2.0 does not reject headers with a zero biBitCount, which allows remote malicious users to cause a denial of service (memory allocation failure) in the opj_image_create function in lib/openjp2/image.c, relate...
Uclouvain Openjpeg
6.5
CVSSv3
CVE-2018-20846
Out-of-bounds accesses in the functions pi_next_lrcp, pi_next_rlcp, pi_next_rpcl, pi_next_pcrl, pi_next_rpcl, and pi_next_cprl in openmj2/pi.c in OpenJPEG up to and including 2.3.0 allow remote malicious users to cause a denial of service (application crash).
Uclouvain Openjpeg
5.5
CVSSv3
CVE-2016-3182
The color_esycc_to_rgb function in bin/common/color.c in OpenJPEG prior to 2.1.1 allows malicious users to cause a denial of service (memory corruption) via a crafted jpeg 2000 file.
Uclouvain Openjpeg
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »