RSS   Vulnerabilities for 'Openjpeg'   RSS

2019-09-05
 
CVE-2018-21010

CWE-119
 

 
OpenJPEG before 2.3.1 has a heap buffer overflow in color_apply_icc_profile in bin/common/color.c.

 
2019-01-28
 
CVE-2019-6988

CWE-400
 

 
An issue was discovered in OpenJPEG 2.3.0. It allows remote attackers to cause a denial of service (attempted excessive memory allocation) in opj_calloc in openjp2/opj_malloc.c, when called from opj_tcd_init_tile in openjp2/tcd.c, as demonstrated by the 64-bit opj_decompress.

 
2018-10-09
 
CVE-2018-18088

CWE-476
 

 
OpenJPEG 2.3.0 has a NULL pointer dereference for "red" in the imagetopnm function of jp2/convert.c

 
2018-09-02
 
CVE-2018-16376

CWE-787
 

 
An issue was discovered in OpenJPEG 2.3.0. A heap-based buffer overflow was discovered in the function t2_encode_packet in lib/openmj2/t2.c. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service or possibly unspecified other impact.

 
2017-12-08
 
CVE-2017-17479

CWE-787
 

 
In OpenJPEG 2.3.0, a stack-based buffer overflow was discovered in the pgxtoimage function in jpwl/convert.c. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service or possibly remote code execution.

 


Copyright 2019, cxsecurity.com

 

Back to Top