Search CVE reports
71 – 79 of 79 results
Some fixes available 1 of 5
Heap-based buffer overflow in the opj_j2k_update_image_data function in OpenJpeg 2016.1.18 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG 2000 image.
2 affected packages
openjpeg, openjpeg2
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| openjpeg | — | Not in release | Not in release | Not in release |
| openjpeg2 | — | Not affected | Not affected | Not affected |
Some fixes available 1 of 3
Integer overflow vulnerability in the bmp24toimage function in convertbmp.c in OpenJPEG before 2.2.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted bmp file.
2 affected packages
openjpeg2, openjpeg
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| openjpeg2 | — | — | — | Not affected |
| openjpeg | — | — | — | Not in release |
Some fixes available 2 of 5
Division-by-zero vulnerabilities in the functions opj_pi_next_cprl, opj_pi_next_pcrl, and opj_pi_next_rpcl in pi.c in OpenJPEG before 2.2.0 allow remote attackers to cause a denial of service (application crash) via crafted j2k files.
3 affected packages
ghostscript, openjpeg, openjpeg2
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| ghostscript | Not affected | Not affected | Not affected | Not affected |
| openjpeg | Not in release | Not in release | Not in release | Not in release |
| openjpeg2 | Not affected | Not affected | Not affected | Not affected |
NULL pointer dereference vulnerabilities in the imagetopnm function in convert.c, sycc444_to_rgb function in color.c, color_esycc_to_rgb function in color.c, and sycc422_to_rgb function in color.c in OpenJPEG before 2.2.0 allow...
2 affected packages
openjpeg, openjpeg2
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| openjpeg | — | — | — | Not in release |
| openjpeg2 | — | — | — | Not affected |
Some fixes available 2 of 3
Heap-based buffer overflow vulnerability in the opj_mqc_byteout function in mqc.c in OpenJPEG before 2.2.0 allows remote attackers to cause a denial of service (application crash) via a crafted bmp file.
2 affected packages
openjpeg, openjpeg2
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| openjpeg | — | — | — | Not in release |
| openjpeg2 | — | — | — | Not affected |
Some fixes available 1 of 5
Use-after-free vulnerability in the opj_j2k_write_mco function in j2k.c in OpenJPEG before 2.1.1 allows remote attackers to have unspecified impact via unknown vectors.
2 affected packages
openjpeg, openjpeg2
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| openjpeg | — | — | — | Not in release |
| openjpeg2 | — | — | — | Not affected |
Double free vulnerability in the j2k_read_ppm_v3 function in OpenJPEG before r2997, as used in PDFium in Google Chrome, allows remote attackers to cause a denial of service (process crash) via a crafted PDF.
2 affected packages
openjpeg2, openjpeg
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| openjpeg2 | — | Not affected | Not affected | Not affected |
| openjpeg | — | Not in release | Not in release | Not in release |
Some fixes available 24 of 50
OpenJPEG before r2944, as used in PDFium in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PDF document, related to j2k.c, jp2.c, pi.c, t1.c, t2.c, and tcd.c.
7 affected packages
gdcm, insighttoolkit4, chromium-browser, openjpeg, openjpeg2...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| gdcm | Not affected | Not affected | Not affected | Not affected |
| insighttoolkit4 | Not in release | Not affected | Not affected | Not affected |
| chromium-browser | Fixed | Fixed | Fixed | Fixed |
| openjpeg | Not in release | Not in release | Not in release | Not in release |
| openjpeg2 | Not affected | Not affected | Not affected | Not affected |
| oxide-qt | Not in release | Not in release | Not in release | Not in release |
| vxl | Not in release | Not in release | Not in release | Not in release |
Some fixes available 24 of 50
OpenJPEG before r2908, as used in PDFium in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PDF document, related to j2k.c, jp2.c, and t2.c.
7 affected packages
gdcm, insighttoolkit4, chromium-browser, openjpeg, openjpeg2...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| gdcm | Not affected | Not affected | Not affected | Not affected |
| insighttoolkit4 | Not in release | Not affected | Not affected | Not affected |
| chromium-browser | Fixed | Fixed | Fixed | Fixed |
| openjpeg | Not in release | Not in release | Not in release | Not in release |
| openjpeg2 | Not affected | Not affected | Not affected | Not affected |
| oxide-qt | Not in release | Not in release | Not in release | Not in release |
| vxl | Not in release | Not in release | Not in release | Not in release |