23 matches found
CVE-2025-54874
OpenJPEG is an open-source JPEG 2000 codec. In OpenJPEG from 2.5.1 through 2.5.3, a call to opjjp2readheader may lead to OOB heap memory write when the data stream pstream is too short and pimage is not initialized...
ALSA-2025:7309 Moderate: openjpeg2 security update
OpenJPEG is an open source library for reading and writing image files in JPEG2000 format. Security Fixes: openjpeg: heap buffer overflow in bin/common/color.c CVE-2024-56826 openjpeg: heap buffer overflow in lib/openjp2/j2k.c CVE-2024-56827 For more details about the security issues, including t...
Moderate: openjpeg2 security update
OpenJPEG is an open source library for reading and writing image files in JPEG2000 format. Security Fixes: openjpeg: heap buffer overflow in bin/common/color.c CVE-2024-56826 openjpeg: heap buffer overflow in lib/openjp2/j2k.c CVE-2024-56827 For more details about the security issues, including t...
Linux Distros Unpatched Vulnerability : CVE-2016-10507
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Integer overflow vulnerability in the bmp24toimage function in convertbmp.c in OpenJPEG before 2.2.0 allows remote attackers to cause a denial of service...
Linux Distros Unpatched Vulnerability : CVE-2013-6887
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenJPEG 1.5.1 allows remote attackers to cause a denial of service via unspecified vectors that trigger NULL pointer dereferences, division-by-zero, and other...
CVE-2024-56827 Openjpeg: heap buffer overflow in lib/openjp2/j2k.c
A flaw was found in the OpenJPEG project. A heap buffer overflow condition may be triggered when certain options are specified while using the opjdecompress utility. This can lead to an application crash or other undefined behavior...
CVE-2024-56827 Openjpeg: heap buffer overflow in lib/openjp2/j2k.c
A flaw was found in the OpenJPEG project. A heap buffer overflow condition may be triggered when certain options are specified while using the opjdecompress utility. This can lead to an application crash or other undefined behavior...
CVE-2024-56826 Openjpeg: heap buffer overflow in bin/common/color.c
A flaw was found in the OpenJPEG project. A heap buffer overflow condition may be triggered when certain options are specified while using the opjdecompress utility. This can lead to an application crash or other undefined behavior...
SUSE-SU-2022:4082-1 Security update for openjpeg
This update for openjpeg fixes the following issues: - CVE-2018-20846: Fixed an Out-of-bounds accesses in pinextlrcp, pinextrlcp, pinextrpcl, pinextpcrl, pinextrpcl, and pinextcprl in openmj2/pi. bsc1140205 - CVE-2018-21010: Fixed a heap buffer overflow in colorapplyiccprofile in bin/common/color...
SUSE-SU-2022:1296-1 Security update for openjpeg
This update for openjpeg fixes the following issues: - CVE-2018-14423: Fixed division-by-zero vulnerabilities in the functions pinextpcrl, pinextcprl,and pinextrpcl in lib/openjp3d/pi.c bsc1102016. - CVE-2018-16376: Fixed heap-based buffer overflow function t2encodepacket in lib/openmj2/t2.c...
MGASA-2020-0464 Updated openjpeg2 packages fix security vulnerabilities
A heap-buffer overwrites error was discovered in lib/openjp2/mqc.c in OpenJPEG 2.3.1. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service or possibly remote code execution CVE-2020-27814. A flaw was found in OpenJPEG’s encoder. This flaw allows an attacker ...
Updated openjpeg2 packages fix security vulnerability
jp2/opjdecompress.c in OpenJPEG through 2.3.1 has a use-after-free that can be triggered if there is a mix of valid and invalid files in a directory operated on by the decompressor. Triggering a double-free may also be possible. This is related to calling opjimagedestroy twice CVE-2020-15389...
MGASA-2020-0307 Updated openjpeg2 packages fix security vulnerability
jp2/opjdecompress.c in OpenJPEG through 2.3.1 has a use-after-free that can be triggered if there is a mix of valid and invalid files in a directory operated on by the decompressor. Triggering a double-free may also be possible. This is related to calling opjimagedestroy twice CVE-2020-15389...
MGASA-2020-0074 Updated openjpeg2 packages fix security vulnerability
opjt1clbldecodeprocessor in openjp2/t1.c in OpenJPEG 2.3.1 through 2020-01-28 has a heap-based buffer overflow in the qmfbid==1 case, a different issue than CVE-2020-6851. CVE-2020-8112...
MGASA-2020-0071 Updated openjpeg2 packages fix security vulnerability
Updated openjpeg2 packages fix security vulnerability: OpenJPEG through 2.3.1 has a heap-based buffer overflow in opjt1clbldecodeprocessor in libopenjp2.so CVE-2020-6851...
MGASA-2019-0365 Updated openjpeg2 packages fix security vulnerability
The updated packages fix a security vulnerability: In OpenJPEG 2.3.1, there is excessive iteration in the opjt1encodecblks function of openjp2/t1.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file. This issue is similar to CVE-2018-6616...
Updated openjpeg2 packages fix security vulnerability
Updated openjpeg2 packages fix security vulnerability: Division-by-zero vulnerabilities in the functions pinextpcrl, pinextcprl, and pinextrpcl in lib/openjp3d/pi.c in OpenJPEG through 2.3.0 allow remote attackers to cause a denial of service CVE-2018-14423...
Stack overflow
In OpenJPEG 2.3.0, a stack-based buffer overflow was discovered in the pgxtovolume function in jp3d/convert.c. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service or possibly remote code execution...
MGASA-2016-0362 Updated openjpeg2 packages fix security vulnerabilities
A specially crafted JPEG2000 image file can force Out-Of-Bounds Read in opjtcdfreetile CVE-2016-3181. A specially crafted JPEG2000 image file can force Heap Corruption in opjfree CVE-2016-3182. A specially crafted JPEG2000 image file can force Out-Of-Bounds Read in sycc422torgb CVE-2016-3183...
CVE-2016-7163
Integer overflow in the opjpicreatedecode function in pi.c in OpenJPEG allows remote attackers to execute arbitrary code via a crafted JP2 file, which triggers an out-of-bounds read or write...