12 matches found
Linux Distros Unpatched Vulnerability : CVE-2018-16375
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in OpenJPEG 2.3.0. Missing checks for headerinfo.height and headerinfo.width in the function pnmtoimage in bin/jpwl/convert.c can lead t...
RHEL 6 : openjpeg (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - openjpeg: Stack-buffer overflow in the pgxtoimage function CVE-2017-17479 - openjpeg: heap-based buffer...
Ubuntu: Security Advisory (USN-4782-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE: Security Advisory for openjpeg2 (SUSE-SU-2022:1252-1)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
SUSE: Security Advisory (SUSE-SU-2022:1252-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2022:1129-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP2 : openjpeg (EulerOS-SA-2021-2414)
According to the versions of the openjpeg package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in OpenJPEG's encoder. This flaw allows an attacker to pass specially crafted x,y offset input to OpenJPEG to use during...
Huawei EulerOS: Security Advisory for openjpeg (EulerOS-SA-2021-1823)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP3 : openjpeg (EulerOS-SA-2021-1823)
According to the versions of the openjpeg package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in OpenJPEG 2.3.0. Missing checks for headerinfo.height and headerinfo.width in the function pnmtoimage in...
Huawei EulerOS: Security Advisory for openjpeg (EulerOS-SA-2021-1692)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-4782-1: OpenJPEG vulnerabilities
It was discovered that OpenJPEG incorrectly handled certain image files. A remote attacker could possibly use this issue to cause a denial of service. CVE-2016-10506 and CVE-2017-12982 affected only Ubuntu 16.04 ESM. CVE-2018-16375, CVE-2018-20845 and CVE-2019-12973 affected only Ubuntu 18.04 ESM...
CVE-2018-16375
CVE-2018-16375 affects OpenJPEG 2.3.0. The vulnerability is in bin/jpwl/convert.c (pnmtoimage) where missing checks for header_info.height and header_info.width can cause a heap-based buffer overflow. This is documented across multiple sources (OpenJPEG/OpenJPEG-related advisories) but no patch v...