Openjpeg Security Vulnerabilities and Issues — Openjpeg CVE List

Lucene search

UclouvainOpenjpeg

5 matches found

CVE•added 2017/12/08 7:29 p.m.•132 views

CVE-2017-17480

In OpenJPEG 2.3.0, a stack-based buffer overflow was discovered in the pgxtovolume function in jp3d/convert.c. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service or possibly remote code execution.

9.8CVSS9.8AI score0.02253EPSS

CVE•added 2017/12/08 7:29 p.m.•105 views

CVE-2017-17479

In OpenJPEG 2.3.0, a stack-based buffer overflow was discovered in the pgxtoimage function in jpwl/convert.c. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service or possibly remote code execution.

9.8CVSS7.9AI score0.05764EPSS

CVE•added 2016/09/21 2:25 p.m.•73 views

CVE-2015-8871

Use-after-free vulnerability in the opj_j2k_write_mco function in j2k.c in OpenJPEG before 2.1.1 allows remote attackers to have unspecified impact via unknown vectors.

9.8CVSS6.5AI score0.02727EPSS

CVE•added 2018/03/02 4:29 p.m.•54 views

CVE-2018-7648

An issue was discovered in mj2/opj_mj2_extract.c in OpenJPEG 2.3.0. The output prefix was not checked for length, which could overflow a buffer, when providing a prefix with 50 or more characters on the command line.

9.8CVSS9.4AI score0.00592EPSS

CVE•added 2012/04/11 10:39 a.m.•39 views

CVE-2012-1499

The JPEG 2000 codec (jp2.c) in OpenJPEG before 1.5 allows remote attackers to execute arbitrary code via a crafted palette index in a CMAP record of a JPEG image, which triggers memory corruption, aka "out-of heap-based buffer write."

9.3CVSS7.5AI score0.03847EPSS