Lucene search

K
UclouvainOpenjpeg2.3.0

7 matches found

CVE
CVE
added 2018/02/04 10:29 p.m.233 views

CVE-2018-6616

In OpenJPEG 2.3.0, there is excessive iteration in the opj_t1_encode_cblks function of openjp2/t1.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file.

5.5CVSS5.6AI score0.00075EPSS
CVE
CVE
added 2018/01/19 8:29 a.m.174 views

CVE-2018-5785

In OpenJPEG 2.3.0, there is an integer overflow caused by an out-of-bounds left shift in the opj_j2k_setup_encoder function (openjp2/j2k.c). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file.

6.5CVSS6.4AI score0.00779EPSS
CVE
CVE
added 2018/01/16 10:29 p.m.159 views

CVE-2018-5727

In OpenJPEG 2.3.0, there is an integer overflow vulnerability in the opj_t1_encode_cblks function (openjp2/t1.c). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file.

6.5CVSS6.8AI score0.00724EPSS
CVE
CVE
added 2018/10/09 8:29 p.m.122 views

CVE-2018-18088

OpenJPEG 2.3.0 has a NULL pointer dereference for "red" in the imagetopnm function of jp2/convert.c

6.5CVSS5.9AI score0.01029EPSS
CVE
CVE
added 2018/09/03 12:29 a.m.89 views

CVE-2018-16375

An issue was discovered in OpenJPEG 2.3.0. Missing checks for header_info.height and header_info.width in the function pnmtoimage in bin/jpwl/convert.c can lead to a heap-based buffer overflow.

8.8CVSS7.2AI score0.00437EPSS
CVE
CVE
added 2018/09/03 12:29 a.m.68 views

CVE-2018-16376

An issue was discovered in OpenJPEG 2.3.0. A heap-based buffer overflow was discovered in the function t2_encode_packet in lib/openmj2/t2.c. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service or possibly unspecified other impact.

8.8CVSS8.8AI score0.00566EPSS
CVE
CVE
added 2018/03/02 4:29 p.m.54 views

CVE-2018-7648

An issue was discovered in mj2/opj_mj2_extract.c in OpenJPEG 2.3.0. The output prefix was not checked for length, which could overflow a buffer, when providing a prefix with 50 or more characters on the command line.

9.8CVSS9.4AI score0.00592EPSS