Uclouvain

Openjpeg

82 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2016-9572

Exploit
  • EPSS 1.77%
  • Published 01.08.2018 16:29:00
  • Last modified 21.11.2024 03:01:24

A NULL pointer dereference flaw was found in the way openjpeg 2.1.2 decoded certain input images. Due to a logic error in the code responsible for decoding the input image, an application using openjpeg to process image data could crash when processi...

8.8

CVE-2016-9581

Exploit
  • EPSS 0.35%
  • Published 01.08.2018 14:29:00
  • Last modified 21.11.2024 03:01:26

An infinite loop vulnerability in tiftoimage that results in heap buffer overflow in convert_32s_C1P1 was found in openjpeg 2.1.2.

8.1

CVE-2016-9573

Exploit
  • EPSS 1.41%
  • Published 01.08.2018 06:29:00
  • Last modified 21.11.2024 03:01:25

An out-of-bounds read vulnerability was found in OpenJPEG 2.1.2, in the j2k_to_image tool. Converting a specially crafted JPEG2000 file to another format could cause the application to crash or, potentially, disclose some data from the heap.

7.5

CVE-2018-14423

Exploit
  • EPSS 1.62%
  • Published 19.07.2018 19:29:00
  • Last modified 21.11.2024 03:49:01

Division-by-zero vulnerabilities in the functions pi_next_pcrl, pi_next_cprl, and pi_next_rpcl in lib/openjp3d/pi.c in OpenJPEG through 2.3.0 allow remote attackers to cause a denial of service (application crash).

8.8

CVE-2014-0158

  • EPSS 0.51%
  • Published 10.04.2018 15:29:00
  • Last modified 21.11.2024 02:01:30

Heap-based buffer overflow in the JPEG2000 image tile decoder in OpenJPEG before 1.5.2 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file because of incorrect j2k_deco...

9.8

CVE-2018-7648

  • EPSS 0.56%
  • Published 02.03.2018 16:29:00
  • Last modified 21.11.2024 04:12:28

An issue was discovered in mj2/opj_mj2_extract.c in OpenJPEG 2.3.0. The output prefix was not checked for length, which could overflow a buffer, when providing a prefix with 50 or more characters on the command line.

5.5

CVE-2018-6616

Exploit
  • EPSS 0.08%
  • Published 04.02.2018 22:29:00
  • Last modified 21.11.2024 04:10:59

In OpenJPEG 2.3.0, there is excessive iteration in the opj_t1_encode_cblks function of openjp2/t1.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file.

6.5

CVE-2018-5785

Exploit
  • EPSS 0.68%
  • Published 19.01.2018 08:29:00
  • Last modified 21.11.2024 04:09:23

In OpenJPEG 2.3.0, there is an integer overflow caused by an out-of-bounds left shift in the opj_j2k_setup_encoder function (openjp2/j2k.c). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file.

6.5

CVE-2018-5727

Exploit
  • EPSS 0.72%
  • Published 16.01.2018 22:29:00
  • Last modified 21.11.2024 04:09:15

In OpenJPEG 2.3.0, there is an integer overflow vulnerability in the opj_t1_encode_cblks function (openjp2/t1.c). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file.

9.8

CVE-2017-17479

  • EPSS 5.76%
  • Published 08.12.2017 19:29:00
  • Last modified 20.04.2025 01:37:25

In OpenJPEG 2.3.0, a stack-based buffer overflow was discovered in the pgxtoimage function in jpwl/convert.c. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service or possibly remote code execution.