Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Openjpeg
(Uclouvain)| Repositories |
• https://github.com/uclouvain/openjpeg
• https://github.com/szukw000/openjpeg • https://github.com/kbabioch/openjpeg |
| #Vulnerabilities | 76 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2013-12-12 | CVE-2013-6052 | OpenJPEG 1.3 and earlier allows remote attackers to obtain sensitive information via unspecified vectors that trigger a heap-based out-of-bounds read. | Openjpeg | N/A | ||
| 2013-12-12 | CVE-2013-6045 | Multiple heap-based buffer overflows in OpenJPEG 1.3 and earlier might allow remote attackers to execute arbitrary code via unspecified vectors. | Openjpeg | N/A | ||
| 2014-04-18 | CVE-2013-4290 | Stack-based buffer overflow in OpenJPEG before 1.5.2 allows remote attackers to have unspecified impact via unknown vectors to (1) lib/openjp3d/opj_jp3d_compress.c, (2) bin/jp3d/convert.c, or (3) lib/openjp3d/event.c. | Openjpeg | N/A | ||
| 2014-04-18 | CVE-2013-4289 | Multiple integer overflows in lib/openjp3d/jp3d.c in OpenJPEG before 1.5.2 allow remote attackers to have unspecified impact and vectors, which trigger a heap-based buffer overflow. | Openjpeg | N/A | ||
| 2013-12-12 | CVE-2013-1447 | OpenJPEG 1.3 and earlier allows remote attackers to cause a denial of service (memory consumption or crash) via unspecified vectors related to NULL pointer dereferences, division-by-zero, and other errors. | Openjpeg | N/A | ||
| 2012-04-11 | CVE-2012-1499 | The JPEG 2000 codec (jp2.c) in OpenJPEG before 1.5 allows remote attackers to execute arbitrary code via a crafted palette index in a CMAP record of a JPEG image, which triggers memory corruption, aka "out-of heap-based buffer write." | Openjpeg | N/A | ||
| 2018-10-09 | CVE-2018-18088 | OpenJPEG 2.3.0 has a NULL pointer dereference for "red" in the imagetopnm function of jp2/convert.c | Debian_linux, Openjpeg | 6.5 | ||
| 2019-01-28 | CVE-2019-6988 | An issue was discovered in OpenJPEG 2.3.0. It allows remote attackers to cause a denial of service (attempted excessive memory allocation) in opj_calloc in openjp2/opj_malloc.c, when called from opj_tcd_init_tile in openjp2/tcd.c, as demonstrated by the 64-bit opj_decompress. | Openjpeg | 6.5 | ||
| 2018-09-02 | CVE-2018-16376 | An issue was discovered in OpenJPEG 2.3.0. A heap-based buffer overflow was discovered in the function t2_encode_packet in lib/openmj2/t2.c. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service or possibly unspecified other impact. | Openjpeg | 8.8 | ||
| 2017-12-08 | CVE-2017-17479 | In OpenJPEG 2.3.0, a stack-based buffer overflow was discovered in the pgxtoimage function in jpwl/convert.c. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service or possibly remote code execution. | Openjpeg | 9.8 |