Search CVE reports
51 – 60 of 90 results
CVE-2016-10506
Medium prioritySome fixes available 2 of 5
Division-by-zero vulnerabilities in the functions opj_pi_next_cprl, opj_pi_next_pcrl, and opj_pi_next_rpcl in pi.c in OpenJPEG before 2.2.0 allow remote attackers to cause a denial of service (application crash) via crafted j2k files.
3 affected packages
ghostscript, openjpeg, openjpeg2
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
ghostscript | Not affected | Not affected | Not affected | Not affected | Not affected |
openjpeg | Not in release | Not in release | Not in release | Not in release | Fixed |
openjpeg2 | Not affected | Not affected | Not affected | Not affected | Fixed |
CVE-2016-10505
Medium priorityNULL pointer dereference vulnerabilities in the imagetopnm function in convert.c, sycc444_to_rgb function in color.c, color_esycc_to_rgb function in color.c, and sycc422_to_rgb function in color.c in OpenJPEG before 2.2.0 allow...
2 affected packages
openjpeg, openjpeg2
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
openjpeg | — | — | — | Not in release | Not affected |
openjpeg2 | — | — | — | Not affected | Not affected |
CVE-2016-10504
Medium prioritySome fixes available 2 of 3
Heap-based buffer overflow vulnerability in the opj_mqc_byteout function in mqc.c in OpenJPEG before 2.2.0 allows remote attackers to cause a denial of service (application crash) via a crafted bmp file.
2 affected packages
openjpeg, openjpeg2
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
openjpeg | — | — | — | Not in release | Ignored |
openjpeg2 | — | — | — | Not affected | Fixed |
CVE-2017-12982
Low prioritySome fixes available 2 of 5
The bmp_read_info_header function in bin/jp2/convertbmp.c in OpenJPEG 2.2.0 does not reject headers with a zero biBitCount, which allows remote attackers to cause a denial of service (memory allocation failure) in...
3 affected packages
ghostscript, openjpeg, openjpeg2
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
ghostscript | — | Not affected | Not affected | Not affected | Not affected |
openjpeg | — | Not in release | Not in release | Not in release | Not affected |
openjpeg2 | — | Not affected | Not affected | Fixed | Fixed |
CVE-2016-4797
Medium prioritySome fixes available 1 of 2
Divide-by-zero vulnerability in the opj_tcd_init_tile function in tcd.c in OpenJPEG before 2.1.1 allows remote attackers to cause a denial of service (application crash) via a crafted jp2 file. NOTE: this issue exists because of...
2 affected packages
openjpeg, openjpeg2
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
openjpeg | — | — | — | Not in release | Ignored |
openjpeg2 | — | — | — | Not affected | Fixed |
CVE-2016-4796
Medium priorityHeap-based buffer overflow in the color_cmyk_to_rgb in common/color.c in OpenJPEG before 2.1.1 allows remote attackers to cause a denial of service (crash) via a crafted .j2k file.
2 affected packages
openjpeg, openjpeg2
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
openjpeg | — | — | — | — | Not affected |
openjpeg2 | — | — | — | — | Not affected |
CVE-2016-3183
Medium prioritySome fixes available 1 of 2
The sycc422_t_rgb function in common/color.c in OpenJPEG before 2.1.1 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted jpeg2000 file.
2 affected packages
openjpeg, openjpeg2
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
openjpeg | — | — | — | Not in release | Ignored |
openjpeg2 | — | — | — | Not affected | Fixed |
CVE-2016-9675
Medium priorityopenjpeg: A heap-based buffer overflow flaw was found in the patch for CVE-2013-6045. A crafted j2k image could cause the application to crash, or potentially execute arbitrary code.
2 affected packages
openjpeg, openjpeg2
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
openjpeg | Not in release | Not in release | Not in release | Not in release | Not affected |
openjpeg2 | Not affected | Not affected | Not affected | Not affected | Not affected |
CVE-2016-9118
Medium prioritySome fixes available 2 of 6
Heap Buffer Overflow (WRITE of size 4) in function pnmtoimage of convert.c:1719 in OpenJPEG 2.1.2.
2 affected packages
openjpeg, openjpeg2
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
openjpeg | — | Not in release | Not in release | Not in release | Ignored |
openjpeg2 | — | Not affected | Not affected | Not affected | Fixed |
CVE-2016-9117
Low priorityNULL Pointer Access in function imagetopnm of convert.c(jp2):1289 in OpenJPEG 2.1.2. Impact is Denial of Service. Someone must open a crafted j2k file.
3 affected packages
ghostscript, openjpeg, openjpeg2
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
ghostscript | Not affected | Not affected | Not affected | Not affected | Not affected |
openjpeg | Not in release | Not in release | Not in release | Not in release | Ignored |
openjpeg2 | Not affected | Not affected | Not affected | Not affected | Vulnerable |