Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

61 – 70 of 90 results


CVE-2016-9116

Low priority
Vulnerable

NULL Pointer Access in function imagetopnm of convert.c:2226(jp2) in OpenJPEG 2.1.2. Impact is Denial of Service. Someone must open a crafted j2k file.

3 affected packages

ghostscript, openjpeg, openjpeg2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ghostscript Not affected Not affected Not affected Not affected Not affected
openjpeg Not in release Not in release Not in release Not in release Ignored
openjpeg2 Not affected Not affected Not affected Not affected Vulnerable
Show less packages

CVE-2016-9115

Low priority
Vulnerable

Heap Buffer Over-read in function imagetotga of convert.c(jp2):942 in OpenJPEG 2.1.2. Impact is Denial of Service. Someone must open a crafted j2k file.

3 affected packages

ghostscript, openjpeg, openjpeg2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ghostscript Not affected Not affected Not affected Not affected Not affected
openjpeg Not in release Not in release Not in release Not in release Ignored
openjpeg2 Not affected Not affected Not affected Not affected Vulnerable
Show less packages

CVE-2016-9114

Low priority
Vulnerable

There is a NULL Pointer Access in function imagetopnm of convert.c:1943(jp2) of OpenJPEG 2.1.2. image->comps[compno].data is not assigned a value after initialization(NULL). Impact is Denial of Service.

3 affected packages

ghostscript, openjpeg, openjpeg2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ghostscript Not affected Not affected Not affected Not affected Not affected
openjpeg Not in release Not in release Not in release Not in release Ignored
openjpeg2 Not affected Not affected Not affected Not affected Vulnerable
Show less packages

CVE-2016-9113

Low priority
Vulnerable

There is a NULL pointer dereference in function imagetobmp of convertbmp.c:980 of OpenJPEG 2.1.2. image->comps[0].data is not assigned a value after initialization(NULL). Impact is Denial of Service.

3 affected packages

ghostscript, openjpeg, openjpeg2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ghostscript Not affected Not affected Not affected Not affected Not affected
openjpeg Not in release Not in release Not in release Not in release Ignored
openjpeg2 Not affected Not affected Not affected Not affected Vulnerable
Show less packages

CVE-2016-9112

Low priority

Some fixes available 2 of 6

Floating Point Exception (aka FPE or divide by zero) in opj_pi_next_cprl function in openjp2/pi.c:523 in OpenJPEG 2.1.2.

2 affected packages

openjpeg, openjpeg2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
openjpeg Not in release Not in release Not in release Not in release Fixed
openjpeg2 Not affected Not affected Not affected Not affected Fixed
Show less packages

CVE-2016-8332

Medium priority
Fixed

A buffer overflow in OpenJPEG 2.1.1 causes arbitrary code execution when parsing a crafted image. An exploitable code execution vulnerability exists in the jpeg2000 image file format parser as implemented in the OpenJpeg library....

2 affected packages

openjpeg, openjpeg2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
openjpeg Not affected
openjpeg2 Fixed
Show less packages

CVE-2016-7445

Low priority

Some fixes available 2 of 6

convert.c in OpenJPEG before 2.1.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors involving the variable s.

2 affected packages

openjpeg, openjpeg2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
openjpeg Not in release Not in release Not in release Not in release Fixed
openjpeg2 Not affected Not affected Not affected Not affected Fixed
Show less packages

CVE-2016-7163

Medium priority

Some fixes available 8 of 10

Integer overflow in the opj_pi_create_decode function in pi.c in OpenJPEG allows remote attackers to execute arbitrary code via a crafted JP2 file, which triggers an out-of-bounds read or write.

2 affected packages

openjpeg, openjpeg2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
openjpeg Not in release Not affected
openjpeg2 Fixed Fixed
Show less packages

CVE-2015-8871

Medium priority

Some fixes available 1 of 5

Use-after-free vulnerability in the opj_j2k_write_mco function in j2k.c in OpenJPEG before 2.1.1 allows remote attackers to have unspecified impact via unknown vectors.

2 affected packages

openjpeg, openjpeg2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
openjpeg Not in release Not affected
openjpeg2 Not affected Fixed
Show less packages

CVE-2016-5159

Medium priority

Some fixes available 10 of 16

Multiple integer overflows in OpenJPEG, as used in PDFium in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allow remote attackers to cause a denial of service (heap-based buffer overflow)...

4 affected packages

chromium-browser, openjpeg, openjpeg2, oxide-qt

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
chromium-browser Fixed Fixed
openjpeg Not in release Not affected
openjpeg2 Not affected Fixed
oxide-qt Not in release Not affected
Show less packages