Search for packages
| purl | pkg:deb/debian/openjpeg2@2.4.0-3 |
| Next non-vulnerable version | 2.5.0-2+deb12u1 |
| Latest non-vulnerable version | 2.5.0-2+deb12u1 |
| Risk | 3.5 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-brmp-q4j4-x3av
Aliases: CVE-2021-29338 |
multiple issues |
Affected by 0 other vulnerabilities. |
|
VCID-cugy-xu5m-kqcs
Aliases: CVE-2021-3575 |
arbitrary code execution |
Affected by 0 other vulnerabilities. |
|
VCID-fqag-ebfc-4bbb
Aliases: CVE-2024-56827 |
A flaw was found in the OpenJPEG project. A heap buffer overflow condition may be triggered when certain options are specified while using the opj_decompress utility. This can lead to an application crash or other undefined behavior. |
Affected by 0 other vulnerabilities. |
|
VCID-t3q5-ahs2-ebbt
Aliases: CVE-2022-1122 |
A flaw was found in the opj2_decompress program in openjpeg2 2.4.0 in the way it handles an input directory with a large number of files. When it fails to allocate a buffer to store the filenames of the input directory, it calls free() on an uninitialized pointer, leading to a segmentation fault and a denial of service. |
Affected by 0 other vulnerabilities. |
|
VCID-yhvk-n5vb-muas
Aliases: CVE-2024-56826 |
A flaw was found in the OpenJPEG project. A heap buffer overflow condition may be triggered when certain options are specified while using the opj_decompress utility. This can lead to an application crash or other undefined behavior. |
Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-13a6-pz6g-gqch | multiple issues |
CVE-2020-8112
|
| VCID-2u1h-j78k-kudq | An improper computation of p_tx0, p_tx1, p_ty0 and p_ty1 in the function opj_get_encoding_parameters in openjp2/pi.c in OpenJPEG through 2.3.0 can lead to an integer overflow. |
CVE-2018-20847
|
| VCID-3dqb-b7k1-kfcn | multiple issues |
CVE-2020-27842
|
| VCID-6fbp-vvxd-mbh7 | An issue was discovered in mj2/opj_mj2_extract.c in OpenJPEG 2.3.0. The output prefix was not checked for length, which could overflow a buffer, when providing a prefix with 50 or more characters on the command line. |
CVE-2018-7648
|
| VCID-8cae-ujfd-y7gf | multiple issues |
CVE-2020-27841
|
| VCID-8gbs-r68g-vqbk | Division-by-zero vulnerabilities in the functions pi_next_pcrl, pi_next_cprl, and pi_next_rpcl in openmj2/pi.c in OpenJPEG through 2.3.0 allow remote attackers to cause a denial of service (application crash). |
CVE-2018-20845
|
| VCID-8xpd-u17s-y7fc | multiple issues |
CVE-2020-27824
|
| VCID-agbs-qzdk-j3h2 | multiple issues |
CVE-2020-6851
|
| VCID-dp8a-x9bz-kkhz | OpenJPEG before 2.3.1 has a heap buffer overflow in color_apply_icc_profile in bin/common/color.c. |
CVE-2018-21010
|
| VCID-gr4q-e4fa-97fb | arbitrary code execution |
CVE-2020-27823
|
| VCID-h86r-7qed-gkhk | multiple issues |
CVE-2020-27814
|
| VCID-ssrc-hs6m-pfcp | In OpenJPEG 2.3.0, there is an integer overflow vulnerability in the opj_t1_encode_cblks function (openjp2/t1.c). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file. |
CVE-2018-5727
|
| VCID-t6x8-2nny-pbh3 | multiple issues |
CVE-2020-27845
|
| VCID-w3hd-1g1v-9bcs | multiple issues |
CVE-2020-15389
|
| VCID-x369-8ebu-wuh3 | multiple issues |
CVE-2020-27843
|
| VCID-x3gk-a7k1-rfc1 | multiple issues |
CVE-2019-12973
|