AZL-79280 CVE-2026-3381 affecting package openjpeg2 2.3.1-12

Compress::Raw::Zlib versions through 2.219 for Perl use potentially insecure versions of zlib. Compress::Raw::Zlib includes a copy of the zlib library. Compress::Raw::Zlib version 2.220 includes zlib 1.3.2, which addresses findings fron the 7ASecurity audit of zlib. The includes fixs for...

Unity Linux 20.1070e Security Update: openjpeg2 (UTSA-2025-993315)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993315 advisory. openjpeg v 2.5.0 was discovered to contain a NULL pointer dereference via the component /openjp2/dwt.c. Tenable has extracted the preceding description block directl...

EUVD-2013-6689

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2016-9114

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There is a NULL Pointer Access in function imagetopnm of convert.c:1943jp2 of OpenJPEG 2.1.2. image-compscompno.data is not assigned a value after...

Linux Distros Unpatched Vulnerability : CVE-2016-9118

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Heap Buffer Overflow WRITE of size 4 in function pnmtoimage of convert.c:1719 in OpenJPEG 2.1.2. CVE-2016-9118 Note that Nessus relies on the presence of the...

AZL-73323 CVE-2023-39327 affecting package openjpeg2 2.3.1-12

A flaw was found in OpenJPEG. Maliciously constructed pictures can cause the program to enter a large loop and continuously print warning messages on the terminal...

AZL-44130 CVE-2023-3316 affecting package openjpeg2 2.3.1-12

A NULL pointer dereference in TIFFClose is caused by a failure to open an output file non-existent path or a path that requires permissions like /dev/null while specifying zones...

SUSE CVE-2013-1447

OpenJPEG 1.3 and earlier allows remote attackers to cause a denial of service memory consumption or crash via unspecified vectors related to NULL pointer dereferences, division-by-zero, and other errors...

SUSE CVE-2020-27841

There's a flaw in openjpeg in versions prior to 2.4.0 in src/lib/openjp2/pi.c. When an attacker is able to provide crafted input to be processed by the openjpeg encoder, this could cause an out-of-bounds read. The greatest impact from this flaw is to application availability...

AZL-44196 CVE-2020-35523 affecting package openjpeg2 2.3.1-12

An integer overflow flaw was found in libtiff that exists in the tifgetimage.c file. This flaw allows an attacker to inject and execute arbitrary code when a user opens a crafted TIFF file. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability...

AZL-44712 CVE-2020-27845 affecting package openjpeg2 for versions less than 2.3.1-12

There's a flaw in src/lib/openjp2/pi.c of openjpeg in versions prior to 2.4.0. If an attacker is able to provide untrusted input to openjpeg's conversion/encoding functionality, they could cause an out-of-bounds read. The highest impact of this flaw is to application availability...

PT-2018-5097 · Openjpeg +3 · Openjpeg +3

Name of the Vulnerable Software and Affected Versions: openjpeg version 2.1.2 Description: An integer overflow issue was discovered in the tiftoimage function, leading to a heap buffer overflow. Recommendations: For openjpeg version 2.1.2, at the moment, there is no information about a newer...

PT-2018-5094 · Openjpeg +4 · Openjpeg +4

Name of the Vulnerable Software and Affected Versions: OpenJPEG version 2.1.2 Description: An out-of-bounds read issue was found in the j2k to image tool. Converting a specially crafted JPEG2000 file to another format could cause the application to crash or, potentially, disclose some data from t...

DEBIAN-CVE-2016-9115

Heap Buffer Over-read in function imagetotga of convert.cjp2:942 in OpenJPEG 2.1.2. Impact is Denial of Service. Someone must open a crafted j2k file...