VulnerableCode Package Details - pkg:conan/openjpeg@2.4.0

Search for packages

Vulnerability	Summary	Fixed by
VCID-an46-hxt9-57e1 Aliases: CVE-2021-3575	Out-of-bounds Write A heap-based buffer overflow was found in openjpeg in color.c:379:42 in sycc420_to_rgb when decompressing a crafted .j2k file. An attacker could use this to execute arbitrary code with the permissions of the application compiled against openjpeg.	2.5.0 Affected by 0 other vulnerabilities.
VCID-pzv2-p44c-8qg4 Aliases: CVE-2021-29338	Multiple vulnerabilities have been discovered in OpenJPEG, the worst of which could result in arbitrary code execution.	2.5.0 Affected by 0 other vulnerabilities.
VCID-xh3j-ufru-6fby Aliases: CVE-2022-1122	Access of Uninitialized Pointer A flaw was found in the opj2_decompress program in openjpeg2 2.4.0 in the way it handles an input directory with a large number of files. When it fails to allocate a buffer to store the filenames of the input directory, it calls free() on an uninitialized pointer, leading to a segmentation fault and a denial of service.	2.5.0 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-an46-hxt9-57e1
Aliases:
CVE-2021-3575

Out-of-bounds Write A heap-based buffer overflow was found in openjpeg in color.c:379:42 in sycc420_to_rgb when decompressing a crafted .j2k file. An attacker could use this to execute arbitrary code with the permissions of the application compiled against openjpeg.

2.5.0
Affected by 0 other vulnerabilities.

VCID-pzv2-p44c-8qg4
Aliases:
CVE-2021-29338

Multiple vulnerabilities have been discovered in OpenJPEG, the worst of which could result in arbitrary code execution.

2.5.0
Affected by 0 other vulnerabilities.

VCID-xh3j-ufru-6fby
Aliases:
CVE-2022-1122

Access of Uninitialized Pointer A flaw was found in the opj2_decompress program in openjpeg2 2.4.0 in the way it handles an input directory with a large number of files. When it fails to allocate a buffer to store the filenames of the input directory, it calls free() on an uninitialized pointer, leading to a segmentation fault and a denial of service.

2.5.0
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
VCID-2ad2-5t5w-d7ew	openjpeg: global-buffer-overflow read in opj_dwt_calc_explicit_stepsizes()	CVE-2020-27824
VCID-3r1m-53dp-yff2	Multiple vulnerabilities have been found in OpenJPEG, the worst of which could result in the arbitrary execution of code.	CVE-2020-27842
VCID-4hbk-qsje-63fd	Multiple vulnerabilities have been found in OpenJPEG, the worst of which could result in the arbitrary execution of code.	CVE-2020-27841
VCID-7ath-fa35-5uca	openjpeg: Heap-based buffer overflow in opj_t1_clbl_decode_processor()	CVE-2020-6851
VCID-kq91-13ek-rkcu	Multiple vulnerabilities have been found in OpenJPEG, the worst of which could result in the arbitrary execution of code.	CVE-2020-15389
VCID-mdhg-k4sr-3bg7	openjpeg: heap-based buffer overflow in pj_t1_clbl_decode_processor in openjp2/t1.c	CVE-2020-8112
VCID-u497-trj1-rfdj	Multiple vulnerabilities have been found in OpenJPEG, the worst of which could result in the arbitrary execution of code.	CVE-2020-27814
VCID-whsh-5urk-b3ap	openjpeg: heap-buffer-overflow write in opj_tcd_dc_level_shift_encode()	CVE-2020-27823
VCID-xc4v-2aa6-yfd6	Multiple vulnerabilities have been found in OpenJPEG, the worst of which could result in the arbitrary execution of code.	CVE-2020-27843
VCID-xd8s-688v-tbd7	Multiple vulnerabilities have been found in OpenJPEG, the worst of which could result in the arbitrary execution of code.	CVE-2020-27844
VCID-zgaa-57ak-jbex	Multiple vulnerabilities have been found in OpenJPEG, the worst of which could result in the arbitrary execution of code.	CVE-2020-27845

Vulnerability

Summary

Aliases

VCID-2ad2-5t5w-d7ew

openjpeg: global-buffer-overflow read in opj_dwt_calc_explicit_stepsizes()

CVE-2020-27824

VCID-3r1m-53dp-yff2