Openjpeg Security Vulnerabilities and Issues — Openjpeg CVE List

Lucene search

UclouvainOpenjpeg

4 matches found

CVE•added 2020/01/13 6:15 a.m.•366 views

CVE-2020-6851

OpenJPEG through 2.3.1 has a heap-based buffer overflow in opj_t1_clbl_decode_processor in openjp2/t1.c because of lack of opj_j2k_update_image_dimensions validation.

7.5CVSS7.9AI score0.0122EPSS

CVE•added 2020/01/28 6:15 p.m.•303 views

CVE-2020-8112

opj_t1_clbl_decode_processor in openjp2/t1.c in OpenJPEG 2.3.1 through 2020-01-28 has a heap-based buffer overflow in the qmfbid==1 case, a different issue than CVE-2020-6851.

8.8CVSS8.3AI score0.01428EPSS

CVE•added 2020/06/29 9:15 p.m.•247 views

CVE-2020-15389

jp2/opj_decompress.c in OpenJPEG through 2.3.1 has a use-after-free that can be triggered if there is a mix of valid and invalid files in a directory operated on by the decompressor. Triggering a double-free may also be possible. This is related to calling opj_image_destroy twice.

6.5CVSS7.1AI score0.00223EPSS

CVE•added 2020/02/20 1:15 a.m.•92 views

CVE-2016-3182

The color_esycc_to_rgb function in bin/common/color.c in OpenJPEG before 2.1.1 allows attackers to cause a denial of service (memory corruption) via a crafted jpeg 2000 file.

5.5CVSS5.2AI score0.0057EPSS