232 matches found
JLSEC-2026-550
A flaw was found in OpenJPEG. A resource exhaustion can occur in the opjt1decodecblks function in tcd.c through a crafted image file, causing a denial of service...
JLSEC-2026-549
A vulnerability was found in OpenJPEG similar to CVE-2019-6988. This flaw allows an attacker to bypass existing protections and cause an application crash through a maliciously crafted file...
JLSEC-2026-551
openjpeg v 2.5.0 was discovered to contain a NULL pointer dereference via the component /openjp2/dwt.c...
PT-2026-47109
Integer Overflow in OpenJPEG v2.4.0 allows remote attackers to crash the application, causing a Denial of Service DoS. This occurs when the attacker uses the command line option "-ImgDir" on a directory that contains 1048576 files...
Unity Linux 20.1060e / 20.1070e Security Update: openjpeg2 (UTSA-2026-017606)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017606 advisory. There's a flaw in openjpeg in versions prior to 2.4.0 in src/lib/openjp2/pi.c. When an attacker is able to provide crafted input to be processed by the openjpeg...
USN-8252-1 openjpeg2 vulnerability
It was discovered that OpenJPEG did not properly handle memory when encoding image files. An attacker could use this issue to cause OpenJPEG to crash, resulting in a denial of service, or possibly execute arbitrary code...
USN-8252-1: OpenJPEG vulnerability
It was discovered that OpenJPEG did not properly handle memory when encoding image files. An attacker could use this issue to cause OpenJPEG to crash, resulting in a denial of service, or possibly execute arbitrary code...
PT-2026-39179
It was discovered that OpenJPEG did not properly handle memory when encoding image files. An attacker could use this issue to cause OpenJPEG to crash, resulting in a denial of service, or possibly execute arbitrary code...
Astra Linux – Vulnerability in openjpeg2
In OpenJPEG version 2.3.1, the jp2/opjdecompress.c file contains a use-after-free issue. This issue can occur if there is a mix of valid and invalid files in a directory that is processed by the decompressor. It is also possible for a double free to occur. This issue is related to calling...
Astra Linux – Vulnerability in openjpeg2
There is a flaw in the src/lib/openjp2/pi.c file of openjpeg in versions prior to 2.4.0. If an attacker can provide untrusted input to openjpeg’s conversion/encoding functionality, they could cause an out-of-bounds read. The most significant impact of this flaw is the application’s availability...
CVE-2026-6192
A vulnerability was identified in uclouvain openjpeg up to 2.5.4. This impacts the function opjpiinitialiseencode in the library src/lib/openjp2/pi.c. The manipulation leads to integer overflow. The attack must be carried out locally. The exploit is publicly available and might be used. The...
UBUNTU-CVE-2026-6192
A vulnerability was identified in uclouvain openjpeg up to 2.5.4. This impacts the function opjpiinitialiseencode in the library src/lib/openjp2/pi.c. The manipulation leads to integer overflow. The attack must be carried out locally. The exploit is publicly available and might be used. The...
CVE-2026-6192 uclouvain openjpeg pi.c opj_pi_initialise_encode integer overflow
A vulnerability was identified in uclouvain openjpeg up to 2.5.4. This impacts the function opjpiinitialiseencode in the library src/lib/openjp2/pi.c. The manipulation leads to integer overflow. The attack must be carried out locally. The exploit is publicly available and might be used. The...
CVE-2026-6192
Affected software: uclouvain openjpeg (up to 2.5.4). Vulnerable component: opj_pi_initialise_encode in src/lib/openjp2/pi.c due to an integer overflow. Impact: local attacker can exploit; exploit exists publicly. Patch: reference to patch identifier 839936aa33eb8899bbbd80fda02796bb65068951 should...
CVE-2026-6192 uclouvain openjpeg pi.c opj_pi_initialise_encode integer overflow
A vulnerability was identified in uclouvain openjpeg up to 2.5.4. This impacts the function opjpiinitialiseencode in the library src/lib/openjp2/pi.c. The manipulation leads to integer overflow. The attack must be carried out locally. The exploit is publicly available and might be used. The...
MiracleLinux 7 : openjpeg-1.5.1-17.el7 (AXBA:2017-1766:02)
The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXBA:2017-1766:02 advisory. - Multiple heap-based buffer overflows in OpenJPEG 1.3 and earlier might allow remote attackers to execute arbitrary code via unspecified vectors...
MiracleLinux 4 : openjpeg-1.3-10.AXS4 (AXSA:2014-074:01)
The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2014-074:01 advisory. OpenJPEG is an open-source JPEG 2000 codec written in C language. It has been developed in order to promote the use of JPEG 2000, the new still-image...
MiracleLinux 4 : openjpeg-1.3-8.AXS4 (AXSA:2012-758:01)
The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2012-758:01 advisory. OpenJPEG is an open-source JPEG 2000 codec written in C language. It has been developed in order to promote the use of JPEG 2000, the new still-image...
MiracleLinux 4 : openjpeg-1.3-9.AXS4 (AXSA:2012-984:02)
The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2012-984:02 advisory. OpenJPEG is an open-source JPEG 2000 codec written in C language. It has been developed in order to promote the use of JPEG 2000, the new still-image...
EUVD-2016-5781
Malware in sbrugna...