MiracleLinux 9 : openjpeg2-2.4.0-8.el9 (AXSA:2025-10234:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10234:01 advisory. openjpeg: heap buffer overflow in bin/common/color.c CVE-2024-56826 openjpeg: heap buffer overflow in lib/openjp2/j2k.c CVE-2024-56827 Tenable has...

openjpeg2 security update

An update is available for openjpeg2. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list OpenJPEG is an open source library for reading and writing image files in...

Linux Distros Unpatched Vulnerability : CVE-2015-1273

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Heap-based buffer overflow in j2k.c in OpenJPEG before r3002, as used in PDFium in Google Chrome before 44.0.2403.89, allows remote attackers to cause a denial ...

MGASA-2025-0012 Updated openjpeg2 packages fix security vulnerabilities

Heap buffer overflow in bin/common/color.c. CVE-2024-56826 Heap buffer overflow in lib/openjp2/j2k.c. CVE-2024-56827...

SUSE CVE-2017-14164

A size-validation issue was discovered in opjj2kwritesot in lib/openjp2/j2k.c in OpenJPEG 2.2.0. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service heap-based buffer overflow affecting opjwritebytesLE in lib/openjp2/cio.c or possibly remote code execution...

Denial Of Service (DoS)

chromium-browser is vulnerable to denial of service DoS. The vulnerability exists when a PDF document is processed through j2k.c, jp2.c, and t2.c...

Out-of-bounds

In FreeImage 3.18.0, an out-of-bounds access occurs because of mishandling of the OpenJPEG j2kreadppmv3 function in j2k.c. The value of lNppm comes from the file read in, and the code does not consider that lNppm may be greater than the size of pheaderdata...

CVE-2019-12214

In FreeImage 3.18.0, an out-of-bounds access occurs because of mishandling of the OpenJPEG j2kreadppmv3 function in j2k.c. The value of lNppm comes from the file read in, and the code does not consider that lNppm may be greater than the size of pheaderdata...

CVE-2015-8871

Use-after-free vulnerability in the opjj2kwritemco function in j2k.c in OpenJPEG before 2.1.1 allows remote attackers to have unspecified impact via unknown vectors...

CVE-2015-8871

Use-after-free vulnerability in the opjj2kwritemco function in j2k.c in OpenJPEG before 2.1.1 allows remote attackers to have unspecified impact via unknown vectors...

CVE-2015-8871

OpenJPEG library (before 2.1.1) contains a use-after-free in opj_j2k_write_mco (j2k.c). This CVE (CVE-2015-8871) allows remote attackers to potentially cause impact via unknown vectors; the NVD description notes unspecified impact, while several advisories/OSS feeds associate this with denial of ...

CVE-2016-5140

CVE-2016-5140 corresponds to a heap-based buffer overflow in the opj_j2k_read_SQcd_SQcc function of j2k.c in OpenJPEG, used by PDFium in Google Chrome. The issue can be triggered by crafted JPEG 2000 data and may cause a denial of service or other unspecified impact. Affected product context is G...

OpenJPEG 'opj_j2k_write_mco' function memory misreference vulnerability

OpenJPEG is a C-based open source JPEG 2000 codec . A memory misreference vulnerability in the 'opjj2kwritemco' function in OpenJPEG's j2k.c file allows remote attackers to exploit the vulnerability to construct a malicious image that could be tricked into being parsed by the user, crashing the...

UBUNTU-CVE-2015-6581

Double free vulnerability in the opjj2kcopydefaulttcpandcreatetcd function in j2k.c in OpenJPEG before r3002, as used in PDFium in Google Chrome before 45.0.2454.85, allows remote attackers to execute arbitrary code or cause a denial of service heap memory corruption by triggering a...

Heap overflow

Heap-based buffer overflow in j2k.c in OpenJPEG before r3002, as used in PDFium in Google Chrome before 44.0.2403.89, allows remote attackers to cause a denial of service or possibly have unspecified other impact via invalid JPEG2000 data in a PDF document...

CVE-2015-1273

CVE-2015-1273 is a heap-buffer-overflow in OpenJPEG (j2k.c) used by PDFium inside Google Chrome/Chromium. The vulnerability is triggered by invalid JPEG2000 data within PDFs, potentially causing a denial of service or other impact. Affected product: Chromium-based browsers (Chrome/Chromium) prior...

CVE-2014-7945

OpenJPEG before r2908, as used in PDFium in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service out-of-bounds read via a crafted PDF document, related to j2k.c, jp2.c, and t2.c...