Openjpeg Security Vulnerabilities and Issues — Openjpeg CVE List

Lucene search

UclouvainOpenjpeg

14 matches found

CVE•added 2016/10/29 10:59 a.m.•124 views

CVE-2016-9112

Floating Point Exception (aka FPE or divide by zero) in opj_pi_next_cprl function in openjp2/pi.c:523 in OpenJPEG 2.1.2.

7.5CVSS6.6AI score0.00787EPSS

CVE•added 2016/10/28 2:59 p.m.•85 views

CVE-2016-8332

A buffer overflow in OpenJPEG 2.1.1 causes arbitrary code execution when parsing a crafted image. An exploitable code execution vulnerability exists in the jpeg2000 image file format parser as implemented in the OpenJpeg library. A specially crafted jpeg2000 file can cause an out of bound heap writ...

7.8CVSS8.6AI score0.01168EPSS

CVE•added 2016/10/30 10:59 p.m.•79 views

CVE-2016-9118

Heap Buffer Overflow (WRITE of size 4) in function pnmtoimage of convert.c:1719 in OpenJPEG 2.1.2.

5.3CVSS6.1AI score0.0044EPSS

CVE•added 2016/09/21 2:25 p.m.•78 views

CVE-2016-7163

Integer overflow in the opj_pi_create_decode function in pi.c in OpenJPEG allows remote attackers to execute arbitrary code via a crafted JP2 file, which triggers an out-of-bounds read or write.

7.8CVSS8AI score0.00443EPSS

CVE•added 2016/09/21 2:25 p.m.•73 views

CVE-2015-8871

Use-after-free vulnerability in the opj_j2k_write_mco function in j2k.c in OpenJPEG before 2.1.1 allows remote attackers to have unspecified impact via unknown vectors.

9.8CVSS6.5AI score0.02727EPSS

CVE•added 2016/12/22 9:59 p.m.•72 views

CVE-2016-9675

openjpeg: A heap-based buffer overflow flaw was found in the patch for CVE-2013-6045. A crafted j2k image could cause the application to crash, or potentially execute arbitrary code.

7.8CVSS8.1AI score0.06297EPSS

CVE•added 2016/01/27 8:59 p.m.•59 views

CVE-2016-1924

The opj_tgt_reset function in OpenJpeg 2016.1.18 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG 2000 image.

6.5CVSS5.6AI score0.00608EPSS

CVE•added 2016/10/03 4:9 p.m.•58 views

CVE-2016-7445

convert.c in OpenJPEG before 2.1.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors involving the variable s.

7.5CVSS5.9AI score0.02039EPSS

CVE•added 2016/10/30 10:59 p.m.•57 views

CVE-2016-9114

There is a NULL Pointer Access in function imagetopnm of convert.c:1943(jp2) of OpenJPEG 2.1.2. image->comps[compno].data is not assigned a value after initialization(NULL). Impact is Denial of Service.

7.5CVSS7.3AI score0.00607EPSS

CVE•added 2016/10/30 10:59 p.m.•55 views

CVE-2016-9113

There is a NULL pointer dereference in function imagetobmp of convertbmp.c:980 of OpenJPEG 2.1.2. image->comps[0].data is not assigned a value after initialization(NULL). Impact is Denial of Service.

7.5CVSS7.3AI score0.00448EPSS

CVE•added 2016/10/30 10:59 p.m.•52 views

CVE-2016-9117

NULL Pointer Access in function imagetopnm of convert.c(jp2):1289 in OpenJPEG 2.1.2. Impact is Denial of Service. Someone must open a crafted j2k file.

6.5CVSS6.5AI score0.00357EPSS

CVE•added 2016/01/27 8:59 p.m.•51 views

CVE-2016-1923

Heap-based buffer overflow in the opj_j2k_update_image_data function in OpenJpeg 2016.1.18 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG 2000 image.

6.5CVSS5.9AI score0.0047EPSS

CVE•added 2016/10/30 10:59 p.m.•51 views

CVE-2016-9115

Heap Buffer Over-read in function imagetotga of convert.c(jp2):942 in OpenJPEG 2.1.2. Impact is Denial of Service. Someone must open a crafted j2k file.

6.5CVSS6.6AI score0.00374EPSS

CVE•added 2016/10/30 10:59 p.m.•48 views

CVE-2016-9116

NULL Pointer Access in function imagetopnm of convert.c:2226(jp2) in OpenJPEG 2.1.2. Impact is Denial of Service. Someone must open a crafted j2k file.

6.5CVSS6.5AI score0.00357EPSS