Lucene search
+L

821 matches found

Cvelist
Cvelist
added 2018/01/03 9:0 a.m.23 views

CVE-2018-4868

The Exiv2::Jp2Image::readMetadata function in jp2image.cpp in Exiv2 0.26 allows remote attackers to cause a denial of service excessive memory allocation via a crafted file...

5.7AI score0.01488EPSS
Exploits1References2
Fedora
Fedora
added 2017/09/30 7:30 a.m.55 views

[SECURITY] Fedora 27 Update: openjpeg2-2.2.0-3.fc27

The OpenJPEG library is an open-source JPEG 2000 library developed in order to promote the use of JPEG 2000. This package contains JPEG 2000 codec compliant with the Part 1 of the standard Class-1 Profil e-1 compliance. JP2 JPEG 2000 standard Part 2 - Handling of JP2 boxes and extended multi ple...

8.8CVSS4.4AI score0.05652EPSS
Exploits0
OSV
OSV
added 2017/09/29 1:34 a.m.14 views

CVE-2017-14860

There is a heap-based buffer over-read in the Exiv2::Jp2Image::readMetadata function of jp2image.cpp in Exiv2 0.26. A Crafted input will lead to a denial of service attack...

5.5CVSS6.8AI score
Exploits0References1
PyPA
PyPA
added 2017/09/29 1:34 a.m.8 views

PYSEC-2017-133

There is a heap-based buffer over-read in the Exiv2::Jp2Image::readMetadata function of jp2image.cpp in Exiv2 0.26. A Crafted input will lead to a denial of service attack...

5.5CVSS7AI score0.0083EPSS
Exploits1References2Affected Software1
Fedora
Fedora
added 2017/09/19 11:25 p.m.38 views

[SECURITY] Fedora 26 Update: jasper-2.0.14-1.fc26

This package contains an implementation of the image compression standard JPEG-2000, Part 1. It consists of tools for conversion to and from the JP2 and JPC formats...

7.5CVSS3.3AI score0.03251EPSS
Exploits0
Fedora
Fedora
added 2017/09/11 2:26 a.m.37 views

[SECURITY] Fedora 25 Update: openjpeg2-2.2.0-3.fc25

The OpenJPEG library is an open-source JPEG 2000 library developed in order to promote the use of JPEG 2000. This package contains JPEG 2000 codec compliant with the Part 1 of the standard Class-1 Profil e-1 compliance. JP2 JPEG 2000 standard Part 2 - Handling of JP2 boxes and extended multi ple...

8.8CVSS4.4AI score0.05652EPSS
Exploits0
Fedora
Fedora
added 2017/09/08 9:21 p.m.40 views

[SECURITY] Fedora 25 Update: openjpeg2-2.2.0-2.fc25

The OpenJPEG library is an open-source JPEG 2000 library developed in order to promote the use of JPEG 2000. This package contains JPEG 2000 codec compliant with the Part 1 of the standard Class-1 Profil e-1 compliance. JP2 JPEG 2000 standard Part 2 - Handling of JP2 boxes and extended multi ple...

5.5CVSS4.4AI score0.02858EPSS
Exploits0
Fedora
Fedora
added 2017/09/06 2:53 p.m.47 views

[SECURITY] Fedora 26 Update: openjpeg2-2.2.0-3.fc26

The OpenJPEG library is an open-source JPEG 2000 library developed in order to promote the use of JPEG 2000. This package contains JPEG 2000 codec compliant with the Part 1 of the standard Class-1 Profil e-1 compliance. JP2 JPEG 2000 standard Part 2 - Handling of JP2 boxes and extended multi ple...

8.8CVSS4.4AI score0.05652EPSS
Exploits0
Fedora
Fedora
added 2017/09/03 10:22 p.m.45 views

[SECURITY] Fedora 26 Update: openjpeg2-2.2.0-2.fc26

The OpenJPEG library is an open-source JPEG 2000 library developed in order to promote the use of JPEG 2000. This package contains JPEG 2000 codec compliant with the Part 1 of the standard Class-1 Profil e-1 compliance. JP2 JPEG 2000 standard Part 2 - Handling of JP2 boxes and extended multi ple...

5.5CVSS4.4AI score0.02858EPSS
Exploits0
OSV
OSV
added 2017/08/30 10:29 p.m.4 views

ALPINE-CVE-2017-14040

An invalid write access was discovered in bin/jp2/convert.c in OpenJPEG 2.2.0, triggering a crash in the tgatoimage function. The vulnerability may lead to remote denial of service or possibly unspecified other impact...

8.8CVSS7.4AI score0.04765EPSS
Exploits0References1
OSV
OSV
added 2017/08/30 10:29 p.m.3 views

UBUNTU-CVE-2017-14040

An invalid write access was discovered in bin/jp2/convert.c in OpenJPEG 2.2.0, triggering a crash in the tgatoimage function. The vulnerability may lead to remote denial of service or possibly unspecified other impact...

8.8CVSS6.8AI score0.04765EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2017/08/30 3:19 p.m.34 views

CVE-2017-13145

In ImageMagick before 6.9.8-8 and 7.x before 7.0.5-9, the ReadJP2Image function in coders/jp2.c does not properly validate the channel geometry, leading to a crash...

6.5CVSS3.1AI score0.01567EPSS
Exploits0References1
Veracode
Veracode
added 2017/08/25 12:39 a.m.25 views

Denial Of Service (DoS)

ImageMagick is vulnerable to denial of service DoS attacks. The attacks are possible because it is possible to bypass the validation of channel geometry in the ReadJP2Image function in coders/jp2.c...

6.5CVSS7.3AI score0.01567EPSS
Exploits0References9Affected Software1
OSV
OSV
added 2017/08/23 6:29 a.m.4 views

DEBIAN-CVE-2017-13145

In ImageMagick before 6.9.8-8 and 7.x before 7.0.5-9, the ReadJP2Image function in coders/jp2.c does not properly validate the channel geometry, leading to a crash...

6.5CVSS6.8AI score0.01567EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2017/08/23 6:0 a.m.51 views

CVE-2017-13145

In ImageMagick before 6.9.8-8 and 7.x before 7.0.5-9, the ReadJP2Image function in coders/jp2.c does not properly validate the channel geometry, leading to a crash...

6.5CVSS6.5AI score0.01567EPSS
Exploits0
Cvelist
Cvelist
added 2017/08/23 6:0 a.m.33 views

CVE-2017-13145

In ImageMagick before 6.9.8-8 and 7.x before 7.0.5-9, the ReadJP2Image function in coders/jp2.c does not properly validate the channel geometry, leading to a crash...

7.7AI score0.01567EPSS
Exploits0References8
CVE
CVE
added 2017/08/23 6:0 a.m.102 views

CVE-2017-13145

This CVE (CVE-2017-13145) affects ImageMagick’s JP2 coder ReadJP2Image in coders/jp2.c. The vulnerability stems from insufficient validation of channel geometry, which can cause a crash when processing JP2 images. Affected products/versions per the provided description: ImageMagick 6.x up to 6.9....

6.5CVSS7.5AI score0.01567EPSS
Exploits0References8Affected Software1
OSV
OSV
added 2017/08/23 12:0 a.m.6 views

UBUNTU-CVE-2017-13145

In ImageMagick before 6.9.8-8 and 7.x before 7.0.5-9, the ReadJP2Image function in coders/jp2.c does not properly validate the channel geometry, leading to a crash...

6.5CVSS6.7AI score0.01567EPSS
Exploits0References3
Check Point Advisories
Check Point Advisories
added 2017/08/08 12:0 a.m.16 views

Adobe Acrobat And Reader Memory Corruption (APSB17-24: CVE-2017-11226)

A memory corruption vulnerability exists in Adobe Acrobat And Reader. The vulnerability is due to an error in the image processing engine when processing JPEG 2000 JP2 code stream data. A remote attacker may exploit this vulnerability by using a crafted JP2 file that contains large values for til...

9.3CVSS8.9AI score0.06918EPSS
Exploits0
OSV
OSV
added 2017/07/23 3:29 a.m.18 views

CVE-2017-11536

When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the WriteJP2Image function in coders/jp2.c...

6.5CVSS6.6AI score
Exploits0References2
Rows per page
Query Builder