Vulnerabilities affecting this package (0)
| Vulnerability |
Summary |
Fixed by |
|
This package is not known to be affected by vulnerabilities.
|
Vulnerabilities fixed by this package (5)
| Vulnerability |
Summary |
Aliases |
|
VCID-an46-hxt9-57e1
|
Out-of-bounds Write
A heap-based buffer overflow was found in openjpeg in color.c:379:42 in sycc420_to_rgb when decompressing a crafted .j2k file. An attacker could use this to execute arbitrary code with the permissions of the application compiled against openjpeg.
|
CVE-2021-3575
|
|
VCID-cgvq-jt8a-4yba
|
openjpeg: heap buffer overflow in bin/common/color.c
|
CVE-2024-56826
|
|
VCID-k9dc-cxnp-nug2
|
openjpeg: heap buffer overflow in lib/openjp2/j2k.c
|
CVE-2024-56827
|
|
VCID-pzv2-p44c-8qg4
|
Multiple vulnerabilities have been discovered in OpenJPEG, the worst of which could result in arbitrary code execution.
|
CVE-2021-29338
|
|
VCID-xh3j-ufru-6fby
|
Access of Uninitialized Pointer
A flaw was found in the opj2_decompress program in openjpeg2 2.4.0 in the way it handles an input directory with a large number of files. When it fails to allocate a buffer to store the filenames of the input directory, it calls free() on an uninitialized pointer, leading to a segmentation fault and a denial of service.
|
CVE-2022-1122
|