Search for packages
| purl | pkg:deb/debian/openjpeg2@2.1.2-1.1%2Bdeb9u4 |
| Next non-vulnerable version | 2.5.0-2+deb12u1 |
| Latest non-vulnerable version | 2.5.0-2+deb12u1 |
| Risk | 9.4 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-13a6-pz6g-gqch
Aliases: CVE-2020-8112 |
multiple issues |
Affected by 21 other vulnerabilities. Affected by 5 other vulnerabilities. |
|
VCID-2ep6-r5mz-kqgc
Aliases: CVE-2016-5152 |
chromium-browser: heap overflow in pdfium |
Affected by 21 other vulnerabilities. |
|
VCID-2u1h-j78k-kudq
Aliases: CVE-2018-20847 |
An improper computation of p_tx0, p_tx1, p_ty0 and p_ty1 in the function opj_get_encoding_parameters in openjp2/pi.c in OpenJPEG through 2.3.0 can lead to an integer overflow. |
Affected by 5 other vulnerabilities. |
|
VCID-3dqb-b7k1-kfcn
Aliases: CVE-2020-27842 |
multiple issues |
Affected by 21 other vulnerabilities. Affected by 5 other vulnerabilities. |
|
VCID-53ud-7t9m-e7a6
Aliases: CVE-2016-1626 |
chromium-browser: out-of-bounds read in PDFium |
Affected by 21 other vulnerabilities. |
|
VCID-6fbp-vvxd-mbh7
Aliases: CVE-2018-7648 |
An issue was discovered in mj2/opj_mj2_extract.c in OpenJPEG 2.3.0. The output prefix was not checked for length, which could overflow a buffer, when providing a prefix with 50 or more characters on the command line. |
Affected by 5 other vulnerabilities. |
|
VCID-6jg9-hjwt-8fdh
Aliases: CVE-2018-18088 |
OpenJPEG 2.3.0 has a NULL pointer dereference for "red" in the imagetopnm function of jp2/convert.c |
Affected by 21 other vulnerabilities. |
|
VCID-8cae-ujfd-y7gf
Aliases: CVE-2020-27841 |
multiple issues |
Affected by 21 other vulnerabilities. Affected by 5 other vulnerabilities. |
|
VCID-8gbs-r68g-vqbk
Aliases: CVE-2018-20845 |
Division-by-zero vulnerabilities in the functions pi_next_pcrl, pi_next_cprl, and pi_next_rpcl in openmj2/pi.c in OpenJPEG through 2.3.0 allow remote attackers to cause a denial of service (application crash). |
Affected by 5 other vulnerabilities. |
|
VCID-8xpd-u17s-y7fc
Aliases: CVE-2020-27824 |
multiple issues |
Affected by 21 other vulnerabilities. Affected by 5 other vulnerabilities. |
|
VCID-9atj-1wqe-f7b8
Aliases: CVE-2016-10504 |
openjpeg: Heap-based buffer over-write in in opj_mqc_byteout function of mqc.c |
Affected by 21 other vulnerabilities. |
|
VCID-agbs-qzdk-j3h2
Aliases: CVE-2020-6851 |
multiple issues |
Affected by 21 other vulnerabilities. Affected by 5 other vulnerabilities. |
|
VCID-apd2-2jgt-aqcv
Aliases: CVE-2016-9118 |
multiple issues |
Affected by 21 other vulnerabilities. |
|
VCID-brmp-q4j4-x3av
Aliases: CVE-2021-29338 |
multiple issues |
Affected by 0 other vulnerabilities. |
|
VCID-cugy-xu5m-kqcs
Aliases: CVE-2021-3575 |
arbitrary code execution |
Affected by 0 other vulnerabilities. |
|
VCID-dp8a-x9bz-kkhz
Aliases: CVE-2018-21010 |
OpenJPEG before 2.3.1 has a heap buffer overflow in color_apply_icc_profile in bin/common/color.c. |
Affected by 5 other vulnerabilities. |
|
VCID-dzfx-zaum-f3as
Aliases: CVE-2017-14041 |
openjpeg: Stack-based buffer over-write in pgxtoimage function in bin/jp2/convert.c |
Affected by 21 other vulnerabilities. |
|
VCID-eu9c-fz5h-7uft
Aliases: CVE-2017-14151 |
openjpeg: Heap-based buffer overflow in opj_mqc_flush in mqc.c |
Affected by 21 other vulnerabilities. |
|
VCID-fqag-ebfc-4bbb
Aliases: CVE-2024-56827 |
A flaw was found in the OpenJPEG project. A heap buffer overflow condition may be triggered when certain options are specified while using the opj_decompress utility. This can lead to an application crash or other undefined behavior. |
Affected by 0 other vulnerabilities. |
|
VCID-gj3r-rk3b-67h3
Aliases: CVE-2016-10506 |
Affected by 21 other vulnerabilities. |
|
|
VCID-gr4q-e4fa-97fb
Aliases: CVE-2020-27823 |
arbitrary code execution |
Affected by 21 other vulnerabilities. Affected by 5 other vulnerabilities. |
|
VCID-h86r-7qed-gkhk
Aliases: CVE-2020-27814 |
multiple issues |
Affected by 21 other vulnerabilities. Affected by 5 other vulnerabilities. |
|
VCID-jakn-mekv-tqcf
Aliases: CVE-2016-1628 |
chromium-browser: out-of-bounds read in PDFium |
Affected by 21 other vulnerabilities. |
|
VCID-jmmv-pbje-dkf5
Aliases: CVE-2016-9112 |
Affected by 21 other vulnerabilities. |
|
|
VCID-kt42-h6tb-y7ae
Aliases: CVE-2018-5785 |
In OpenJPEG 2.3.0, there is an integer overflow caused by an out-of-bounds left shift in the opj_j2k_setup_encoder function (openjp2/j2k.c). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file. |
Affected by 21 other vulnerabilities. |
|
VCID-kx3w-j8sd-eqex
Aliases: CVE-2018-6616 |
In OpenJPEG 2.3.0, there is excessive iteration in the opj_t1_encode_cblks function of openjp2/t1.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file. |
Affected by 21 other vulnerabilities. |
|
VCID-n4rn-am8q-7yck
Aliases: CVE-2017-17480 |
Affected by 21 other vulnerabilities. |
|
|
VCID-rqah-ek77-wqez
Aliases: CVE-2017-14039 |
openjpeg: Heap-based buffer overflow in opj_t2_encode_packet function in lib/openjp2/t2.c |
Affected by 21 other vulnerabilities. |
|
VCID-ssrc-hs6m-pfcp
Aliases: CVE-2018-5727 |
In OpenJPEG 2.3.0, there is an integer overflow vulnerability in the opj_t1_encode_cblks function (openjp2/t1.c). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file. |
Affected by 5 other vulnerabilities. |
|
VCID-t3q5-ahs2-ebbt
Aliases: CVE-2022-1122 |
A flaw was found in the opj2_decompress program in openjpeg2 2.4.0 in the way it handles an input directory with a large number of files. When it fails to allocate a buffer to store the filenames of the input directory, it calls free() on an uninitialized pointer, leading to a segmentation fault and a denial of service. |
Affected by 0 other vulnerabilities. |
|
VCID-t6x8-2nny-pbh3
Aliases: CVE-2020-27845 |
multiple issues |
Affected by 21 other vulnerabilities. Affected by 5 other vulnerabilities. |
|
VCID-u832-st7b-fkh1
Aliases: CVE-2018-14423 |
Division-by-zero vulnerabilities in the functions pi_next_pcrl, pi_next_cprl, and pi_next_rpcl in lib/openjp3d/pi.c in OpenJPEG through 2.3.0 allow remote attackers to cause a denial of service (application crash). |
Affected by 21 other vulnerabilities. |
|
VCID-vch4-ws1q-hqev
Aliases: CVE-2017-14152 |
openjpeg: Heap-based buffer overflow in opj_write_bytes_LE in cio.c |
Affected by 21 other vulnerabilities. |
|
VCID-w3hd-1g1v-9bcs
Aliases: CVE-2020-15389 |
multiple issues |
Affected by 21 other vulnerabilities. Affected by 5 other vulnerabilities. |
|
VCID-x369-8ebu-wuh3
Aliases: CVE-2020-27843 |
multiple issues |
Affected by 21 other vulnerabilities. Affected by 5 other vulnerabilities. |
|
VCID-x3gk-a7k1-rfc1
Aliases: CVE-2019-12973 |
multiple issues |
Affected by 5 other vulnerabilities. |
|
VCID-xbtx-dhs1-jbdc
Aliases: CVE-2017-14040 |
openjpeg: Invalid write access in bin/jp2/convert.c |
Affected by 21 other vulnerabilities. |
|
VCID-yhvk-n5vb-muas
Aliases: CVE-2024-56826 |
A flaw was found in the OpenJPEG project. A heap buffer overflow condition may be triggered when certain options are specified while using the opj_decompress utility. This can lead to an application crash or other undefined behavior. |
Affected by 0 other vulnerabilities. |
|
VCID-zy2k-6dv6-afaf
Aliases: CVE-2017-12982 |
Affected by 21 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-19cm-3ybb-mudu | openjpeg: Double free vulnerability in opj_j2k_copy_default_tcp_and_create_tcd |
CVE-2015-6581
|
| VCID-2ep6-r5mz-kqgc | chromium-browser: heap overflow in pdfium |
CVE-2016-5152
|
| VCID-53ud-7t9m-e7a6 | chromium-browser: out-of-bounds read in PDFium |
CVE-2016-1626
|
| VCID-5gyw-5mz4-3ugy | openjpeg: Division-by-zero in function opj_tcd_init_tile in tcd.c |
CVE-2016-4797
|
| VCID-5j3k-n87j-sub9 | openjpeg2: JPEG2000 mcc record Code Execution Vulnerability |
CVE-2016-8332
|
| VCID-6jg9-hjwt-8fdh | OpenJPEG 2.3.0 has a NULL pointer dereference for "red" in the imagetopnm function of jp2/convert.c |
CVE-2018-18088
|
| VCID-7qsz-ugqd-gqbr | openjpeg: Integer overflow in bmp24toimage function in convertbmp.c |
CVE-2016-10507
|
| VCID-91v5-t52f-hua6 | openjpeg: Heap buffer overflow in function color_cmyk_to_rgb in color.c |
CVE-2016-4796
|
| VCID-9dd4-8gzf-4ydv | Double free vulnerability in the j2k_read_ppm_v3 function in OpenJPEG before r2997, as used in PDFium in Google Chrome, allows remote attackers to cause a denial of service (process crash) via a crafted PDF. |
CVE-2015-1239
|
| VCID-a45b-4w8b-qkhc | openjpeg: heap out-of-bounds read due to insufficient check in imagetopnm() |
CVE-2016-9573
|
| VCID-apd2-2jgt-aqcv | multiple issues |
CVE-2016-9118
|
| VCID-ch3f-m61j-cuhg | chromium-browser: heap overflow in pdfium |
CVE-2016-5157
|
| VCID-dzfx-zaum-f3as | openjpeg: Stack-based buffer over-write in pgxtoimage function in bin/jp2/convert.c |
CVE-2017-14041
|
| VCID-e3ae-x583-83bw | openjpeg: Integer overflow in opj_pi_create_decode |
CVE-2016-7163
|
| VCID-hhf9-g4k5-xkdt |
CVE-2016-7445
|
|
| VCID-jakn-mekv-tqcf | chromium-browser: out-of-bounds read in PDFium |
CVE-2016-1628
|
| VCID-jprg-5ahh-3qa6 | openjpeg: out of bounds read in opj_j2k_update_image_data |
CVE-2016-1923
|
| VCID-kt42-h6tb-y7ae | In OpenJPEG 2.3.0, there is an integer overflow caused by an out-of-bounds left shift in the opj_j2k_setup_encoder function (openjp2/j2k.c). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file. |
CVE-2018-5785
|
| VCID-kx3w-j8sd-eqex | In OpenJPEG 2.3.0, there is excessive iteration in the opj_t1_encode_cblks function of openjp2/t1.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file. |
CVE-2018-6616
|
| VCID-mrw2-zjbq-1bed | openjpeg: heap overflow due to unsafe use of opj_aligned_malloc |
CVE-2016-5158
|
| VCID-n4rn-am8q-7yck |
CVE-2017-17480
|
|
| VCID-n9j7-4b7j-eudg | openjpeg: Use-after-free in opj_j2k_write_mco function |
CVE-2015-8871
|
| VCID-psew-5ghp-jqh6 | openjpeg: out of bounds read in opj_tgt_reset |
CVE-2016-1924
|
| VCID-qewk-upu2-rqfv | openjpeg: Out-of-bounds read in sycc422_to_rgb function |
CVE-2016-3183
|
| VCID-qptm-gt1b-bydj | openjpeg: NULL pointer dereference in input decoding |
CVE-2016-9572
|
| VCID-rqah-ek77-wqez | openjpeg: Heap-based buffer overflow in opj_t2_encode_packet function in lib/openjp2/t2.c |
CVE-2017-14039
|
| VCID-s4rb-rhps-wkgy | openjpeg: Heap corruption in opj_free function |
CVE-2016-3182
|
| VCID-s5qv-cg2m-j7e2 | chromium-browser: out-of-bounds read in PDFium |
CVE-2014-7947
|
| VCID-u832-st7b-fkh1 | Division-by-zero vulnerabilities in the functions pi_next_pcrl, pi_next_cprl, and pi_next_rpcl in lib/openjp3d/pi.c in OpenJPEG through 2.3.0 allow remote attackers to cause a denial of service (application crash). |
CVE-2018-14423
|
| VCID-uh1z-agrk-a7br | openjpeg: heap overflow in parsing of JPEG2000 code blocks |
CVE-2016-5159
|
| VCID-vch4-ws1q-hqev | openjpeg: Heap-based buffer overflow in opj_write_bytes_LE in cio.c |
CVE-2017-14152
|
| VCID-xbtx-dhs1-jbdc | openjpeg: Invalid write access in bin/jp2/convert.c |
CVE-2017-14040
|
| VCID-zvpt-7d36-9bg4 | openjpeg: Heap overflow in parsing of JPEG2000 precincts |
CVE-2016-5139
|