Search for packages
| purl | pkg:deb/debian/openjpeg2@2.3.0-2%2Bdeb10u2 |
| Next non-vulnerable version | 2.5.0-2+deb12u1 |
| Latest non-vulnerable version | 2.5.0-2+deb12u1 |
| Risk | 4.4 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-13a6-pz6g-gqch
Aliases: CVE-2020-8112 |
multiple issues |
Affected by 5 other vulnerabilities. |
|
VCID-2u1h-j78k-kudq
Aliases: CVE-2018-20847 |
An improper computation of p_tx0, p_tx1, p_ty0 and p_ty1 in the function opj_get_encoding_parameters in openjp2/pi.c in OpenJPEG through 2.3.0 can lead to an integer overflow. |
Affected by 5 other vulnerabilities. |
|
VCID-3dqb-b7k1-kfcn
Aliases: CVE-2020-27842 |
multiple issues |
Affected by 5 other vulnerabilities. |
|
VCID-6fbp-vvxd-mbh7
Aliases: CVE-2018-7648 |
An issue was discovered in mj2/opj_mj2_extract.c in OpenJPEG 2.3.0. The output prefix was not checked for length, which could overflow a buffer, when providing a prefix with 50 or more characters on the command line. |
Affected by 5 other vulnerabilities. |
|
VCID-8cae-ujfd-y7gf
Aliases: CVE-2020-27841 |
multiple issues |
Affected by 5 other vulnerabilities. |
|
VCID-8gbs-r68g-vqbk
Aliases: CVE-2018-20845 |
Division-by-zero vulnerabilities in the functions pi_next_pcrl, pi_next_cprl, and pi_next_rpcl in openmj2/pi.c in OpenJPEG through 2.3.0 allow remote attackers to cause a denial of service (application crash). |
Affected by 5 other vulnerabilities. |
|
VCID-8xpd-u17s-y7fc
Aliases: CVE-2020-27824 |
multiple issues |
Affected by 5 other vulnerabilities. |
|
VCID-agbs-qzdk-j3h2
Aliases: CVE-2020-6851 |
multiple issues |
Affected by 5 other vulnerabilities. |
|
VCID-brmp-q4j4-x3av
Aliases: CVE-2021-29338 |
multiple issues |
Affected by 0 other vulnerabilities. |
|
VCID-cugy-xu5m-kqcs
Aliases: CVE-2021-3575 |
arbitrary code execution |
Affected by 0 other vulnerabilities. |
|
VCID-dp8a-x9bz-kkhz
Aliases: CVE-2018-21010 |
OpenJPEG before 2.3.1 has a heap buffer overflow in color_apply_icc_profile in bin/common/color.c. |
Affected by 5 other vulnerabilities. |
|
VCID-fqag-ebfc-4bbb
Aliases: CVE-2024-56827 |
A flaw was found in the OpenJPEG project. A heap buffer overflow condition may be triggered when certain options are specified while using the opj_decompress utility. This can lead to an application crash or other undefined behavior. |
Affected by 0 other vulnerabilities. |
|
VCID-gr4q-e4fa-97fb
Aliases: CVE-2020-27823 |
arbitrary code execution |
Affected by 5 other vulnerabilities. |
|
VCID-h86r-7qed-gkhk
Aliases: CVE-2020-27814 |
multiple issues |
Affected by 5 other vulnerabilities. |
|
VCID-ssrc-hs6m-pfcp
Aliases: CVE-2018-5727 |
In OpenJPEG 2.3.0, there is an integer overflow vulnerability in the opj_t1_encode_cblks function (openjp2/t1.c). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file. |
Affected by 5 other vulnerabilities. |
|
VCID-t3q5-ahs2-ebbt
Aliases: CVE-2022-1122 |
A flaw was found in the opj2_decompress program in openjpeg2 2.4.0 in the way it handles an input directory with a large number of files. When it fails to allocate a buffer to store the filenames of the input directory, it calls free() on an uninitialized pointer, leading to a segmentation fault and a denial of service. |
Affected by 0 other vulnerabilities. |
|
VCID-t6x8-2nny-pbh3
Aliases: CVE-2020-27845 |
multiple issues |
Affected by 5 other vulnerabilities. |
|
VCID-w3hd-1g1v-9bcs
Aliases: CVE-2020-15389 |
multiple issues |
Affected by 5 other vulnerabilities. |
|
VCID-x369-8ebu-wuh3
Aliases: CVE-2020-27843 |
multiple issues |
Affected by 5 other vulnerabilities. |
|
VCID-x3gk-a7k1-rfc1
Aliases: CVE-2019-12973 |
multiple issues |
Affected by 5 other vulnerabilities. |
|
VCID-yhvk-n5vb-muas
Aliases: CVE-2024-56826 |
A flaw was found in the OpenJPEG project. A heap buffer overflow condition may be triggered when certain options are specified while using the opj_decompress utility. This can lead to an application crash or other undefined behavior. |
Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-13a6-pz6g-gqch | multiple issues |
CVE-2020-8112
|
| VCID-2ep6-r5mz-kqgc | chromium-browser: heap overflow in pdfium |
CVE-2016-5152
|
| VCID-3dqb-b7k1-kfcn | multiple issues |
CVE-2020-27842
|
| VCID-53ud-7t9m-e7a6 | chromium-browser: out-of-bounds read in PDFium |
CVE-2016-1626
|
| VCID-6jg9-hjwt-8fdh | OpenJPEG 2.3.0 has a NULL pointer dereference for "red" in the imagetopnm function of jp2/convert.c |
CVE-2018-18088
|
| VCID-8cae-ujfd-y7gf | multiple issues |
CVE-2020-27841
|
| VCID-8xpd-u17s-y7fc | multiple issues |
CVE-2020-27824
|
| VCID-9atj-1wqe-f7b8 | openjpeg: Heap-based buffer over-write in in opj_mqc_byteout function of mqc.c |
CVE-2016-10504
|
| VCID-agbs-qzdk-j3h2 | multiple issues |
CVE-2020-6851
|
| VCID-apd2-2jgt-aqcv | multiple issues |
CVE-2016-9118
|
| VCID-dzfx-zaum-f3as | openjpeg: Stack-based buffer over-write in pgxtoimage function in bin/jp2/convert.c |
CVE-2017-14041
|
| VCID-eu9c-fz5h-7uft | openjpeg: Heap-based buffer overflow in opj_mqc_flush in mqc.c |
CVE-2017-14151
|
| VCID-gj3r-rk3b-67h3 |
CVE-2016-10506
|
|
| VCID-gr4q-e4fa-97fb | arbitrary code execution |
CVE-2020-27823
|
| VCID-h86r-7qed-gkhk | multiple issues |
CVE-2020-27814
|
| VCID-jakn-mekv-tqcf | chromium-browser: out-of-bounds read in PDFium |
CVE-2016-1628
|
| VCID-jmmv-pbje-dkf5 |
CVE-2016-9112
|
|
| VCID-kt42-h6tb-y7ae | In OpenJPEG 2.3.0, there is an integer overflow caused by an out-of-bounds left shift in the opj_j2k_setup_encoder function (openjp2/j2k.c). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file. |
CVE-2018-5785
|
| VCID-kx3w-j8sd-eqex | In OpenJPEG 2.3.0, there is excessive iteration in the opj_t1_encode_cblks function of openjp2/t1.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file. |
CVE-2018-6616
|
| VCID-n4rn-am8q-7yck |
CVE-2017-17480
|
|
| VCID-rqah-ek77-wqez | openjpeg: Heap-based buffer overflow in opj_t2_encode_packet function in lib/openjp2/t2.c |
CVE-2017-14039
|
| VCID-t6x8-2nny-pbh3 | multiple issues |
CVE-2020-27845
|
| VCID-u832-st7b-fkh1 | Division-by-zero vulnerabilities in the functions pi_next_pcrl, pi_next_cprl, and pi_next_rpcl in lib/openjp3d/pi.c in OpenJPEG through 2.3.0 allow remote attackers to cause a denial of service (application crash). |
CVE-2018-14423
|
| VCID-vch4-ws1q-hqev | openjpeg: Heap-based buffer overflow in opj_write_bytes_LE in cio.c |
CVE-2017-14152
|
| VCID-w3hd-1g1v-9bcs | multiple issues |
CVE-2020-15389
|
| VCID-x369-8ebu-wuh3 | multiple issues |
CVE-2020-27843
|
| VCID-xbtx-dhs1-jbdc | openjpeg: Invalid write access in bin/jp2/convert.c |
CVE-2017-14040
|
| VCID-zy2k-6dv6-afaf |
CVE-2017-12982
|