Summary
| Detail | |||
|---|---|---|---|
| Vendor | Uclouvain | First view | 2012-07-18 |
| Product | Openjpeg | Last view | 2022-03-04 |
| Version | 1.5 | Type | Application |
| Update | * | ||
| Edition | * | ||
| Language | * | ||
| Sofware Edition | * | ||
| Target Software | * | ||
| Target Hardware | * | ||
| Other | * | ||
| CPE Product | cpe:2.3:a:uclouvain:openjpeg | ||
Activity : Overall
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 7.8 | 2022-03-04 | CVE-2021-3575 | A heap-based buffer overflow was found in openjpeg in color.c:379:42 in sycc420_to_rgb when decompressing a crafted .j2k file. An attacker could use this to execute arbitrary code with the permissions of the application compiled against openjpeg. |
| 5.5 | 2021-05-13 | CVE-2020-27824 | A flaw was found in OpenJPEG’s encoder in the opj_dwt_calc_explicit_stepsizes() function. This flaw allows an attacker who can supply crafted input to decomposition levels to cause a buffer overflow. The highest threat from this vulnerability is to system availability. |
| 7.8 | 2021-05-13 | CVE-2020-27823 | A flaw was found in OpenJPEG’s encoder. This flaw allows an attacker to pass specially crafted x,y offset input to OpenJPEG to use during encoding. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. |
| 7.8 | 2021-01-26 | CVE-2020-27814 | A heap-buffer overflow was found in the way openjpeg2 handled certain PNG format files. An attacker could use this flaw to cause an application crash or in some cases execute arbitrary code with the permission of the user running such an application. |
| 5.5 | 2021-01-05 | CVE-2020-27845 | There's a flaw in src/lib/openjp2/pi.c of openjpeg in versions prior to 2.4.0. If an attacker is able to provide untrusted input to openjpeg's conversion/encoding functionality, they could cause an out-of-bounds read. The highest impact of this flaw is to application availability. |
| 7.8 | 2021-01-05 | CVE-2020-27844 | A flaw was found in openjpeg's src/lib/openjp2/t2.c in versions prior to 2.4.0. This flaw allows an attacker to provide crafted input to openjpeg during conversion and encoding, causing an out-of-bounds write. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. |
| 5.5 | 2021-01-05 | CVE-2020-27843 | A flaw was found in OpenJPEG in versions prior to 2.4.0. This flaw allows an attacker to provide specially crafted input to the conversion or encoding functionality, causing an out-of-bounds read. The highest threat from this vulnerability is system availability. |
| 5.5 | 2021-01-05 | CVE-2020-27842 | There's a flaw in openjpeg's t2 encoder in versions prior to 2.4.0. An attacker who is able to provide crafted input to be processed by openjpeg could cause a null pointer dereference. The highest impact of this flaw is to application availability. |
| 5.5 | 2021-01-05 | CVE-2020-27841 | There's a flaw in openjpeg in versions prior to 2.4.0 in src/lib/openjp2/pi.c. When an attacker is able to provide crafted input to be processed by the openjpeg encoder, this could cause an out-of-bounds read. The greatest impact from this flaw is to application availability. |
| 6.5 | 2020-06-29 | CVE-2020-15389 | jp2/opj_decompress.c in OpenJPEG through 2.3.1 has a use-after-free that can be triggered if there is a mix of valid and invalid files in a directory operated on by the decompressor. Triggering a double-free may also be possible. This is related to calling opj_image_destroy twice. |
| 5.5 | 2020-02-20 | CVE-2016-3182 | The color_esycc_to_rgb function in bin/common/color.c in OpenJPEG before 2.1.1 allows attackers to cause a denial of service (memory corruption) via a crafted jpeg 2000 file. |
| 7.5 | 2020-01-13 | CVE-2020-6851 | OpenJPEG through 2.3.1 has a heap-based buffer overflow in opj_t1_clbl_decode_processor in openjp2/t1.c because of lack of opj_j2k_update_image_dimensions validation. |
| 8.8 | 2019-09-05 | CVE-2018-21010 | OpenJPEG before 2.3.1 has a heap buffer overflow in color_apply_icc_profile in bin/common/color.c. |
| 8.8 | 2019-06-26 | CVE-2018-20847 | An improper computation of p_tx0, p_tx1, p_ty0 and p_ty1 in the function opj_get_encoding_parameters in openjp2/pi.c in OpenJPEG through 2.3.0 can lead to an integer overflow. |
| 6.5 | 2019-06-26 | CVE-2018-20846 | Out-of-bounds accesses in the functions pi_next_lrcp, pi_next_rlcp, pi_next_rpcl, pi_next_pcrl, pi_next_rpcl, and pi_next_cprl in openmj2/pi.c in OpenJPEG through 2.3.0 allow remote attackers to cause a denial of service (application crash). |
| 6.5 | 2019-06-26 | CVE-2018-20845 | Division-by-zero vulnerabilities in the functions pi_next_pcrl, pi_next_cprl, and pi_next_rpcl in openmj2/pi.c in OpenJPEG through 2.3.0 allow remote attackers to cause a denial of service (application crash). |
| 7.5 | 2018-07-19 | CVE-2018-14423 | Division-by-zero vulnerabilities in the functions pi_next_pcrl, pi_next_cprl, and pi_next_rpcl in lib/openjp3d/pi.c in OpenJPEG through 2.3.0 allow remote attackers to cause a denial of service (application crash). |
| 8.8 | 2018-04-10 | CVE-2014-0158 | Heap-based buffer overflow in the JPEG2000 image tile decoder in OpenJPEG before 1.5.2 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file because of incorrect j2k_decode, j2k_read_eoc, and tcd_decode_tile interaction, a related issue to CVE-2013-6045. NOTE: this is not a duplicate of CVE-2013-1447, because the scope of CVE-2013-1447 was specifically defined in http://openwall.com/lists/oss-security/2013/12/04/6 as only "null pointer dereferences, division by zero, and anything that would just fit as DoS." |
| 6.5 | 2017-10-18 | CVE-2015-1239 | Double free vulnerability in the j2k_read_ppm_v3 function in OpenJPEG before r2997, as used in PDFium in Google Chrome, allows remote attackers to cause a denial of service (process crash) via a crafted PDF. |
| 8.8 | 2017-09-06 | CVE-2017-14164 | A size-validation issue was discovered in opj_j2k_write_sot in lib/openjp2/j2k.c in OpenJPEG 2.2.0. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service (heap-based buffer overflow affecting opj_write_bytes_LE in lib/openjp2/cio.c) or possibly remote code execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-14152. |
| 8.8 | 2017-08-30 | CVE-2017-14039 | A heap-based buffer overflow was discovered in the opj_t2_encode_packet function in lib/openjp2/t2.c in OpenJPEG 2.2.0. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service or possibly unspecified other impact. |
| 6.5 | 2017-08-30 | CVE-2016-10507 | Integer overflow vulnerability in the bmp24toimage function in convertbmp.c in OpenJPEG before 2.2.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted bmp file. |
| 6.5 | 2017-08-30 | CVE-2016-10506 | Division-by-zero vulnerabilities in the functions opj_pi_next_cprl, opj_pi_next_pcrl, and opj_pi_next_rpcl in pi.c in OpenJPEG before 2.2.0 allow remote attackers to cause a denial of service (application crash) via crafted j2k files. |
| 6.5 | 2017-08-30 | CVE-2016-10505 | NULL pointer dereference vulnerabilities in the imagetopnm function in convert.c, sycc444_to_rgb function in color.c, color_esycc_to_rgb function in color.c, and sycc422_to_rgb function in color.c in OpenJPEG before 2.2.0 allow remote attackers to cause a denial of service (application crash) via crafted j2k files. |
| 6.5 | 2017-08-30 | CVE-2016-10504 | Heap-based buffer overflow vulnerability in the opj_mqc_byteout function in mqc.c in OpenJPEG before 2.2.0 allows remote attackers to cause a denial of service (application crash) via a crafted bmp file. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 31% (11) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 17% (6) | CWE-787 | Out-of-bounds Write |
| 11% (4) | CWE-369 | Divide By Zero |
| 8% (3) | CWE-190 | Integer Overflow or Wraparound |
| 8% (3) | CWE-125 | Out-of-bounds Read |
| 5% (2) | CWE-476 | NULL Pointer Dereference |
| 5% (2) | CWE-416 | Use After Free |
| 2% (1) | CWE-415 | Double Free |
| 2% (1) | CWE-189 | Numeric Errors |
| 2% (1) | CWE-120 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflo... |
| 2% (1) | CWE-20 | Improper Input Validation |
OpenVAS Exploits
| id | Description |
|---|---|
| 2012-11-02 | Name : Fedora Update for openjpeg FEDORA-2012-14717 File : nvt/gb_fedora_2012_14717_openjpeg_fc17.nasl |
| 2012-10-23 | Name : Fedora Update for openjpeg FEDORA-2012-14707 File : nvt/gb_fedora_2012_14707_openjpeg_fc16.nasl |
| 2012-10-05 | Name : Mandriva Update for openjpeg MDVSA-2012:157 (openjpeg) File : nvt/gb_mandriva_MDVSA_2012_157.nasl |
| 2012-09-22 | Name : CentOS Update for openjpeg CESA-2012:1283 centos6 File : nvt/gb_CESA-2012_1283_openjpeg_centos6.nasl |
| 2012-09-22 | Name : RedHat Update for openjpeg RHSA-2012:1283-01 File : nvt/gb_RHSA-2012_1283-01_openjpeg.nasl |
| 2012-08-30 | Name : Fedora Update for openjpeg FEDORA-2012-9602 File : nvt/gb_fedora_2012_9602_openjpeg_fc17.nasl |
| 2012-07-30 | Name : CentOS Update for openjpeg CESA-2012:1068 centos6 File : nvt/gb_CESA-2012_1068_openjpeg_centos6.nasl |
| 2012-07-16 | Name : RedHat Update for openjpeg RHSA-2012:1068-01 File : nvt/gb_RHSA-2012_1068-01_openjpeg.nasl |
| 2012-07-16 | Name : Mandriva Update for openjpeg MDVSA-2012:104 (openjpeg) File : nvt/gb_mandriva_MDVSA_2012_104.nasl |
| 2012-06-28 | Name : Fedora Update for openjpeg FEDORA-2012-9628 File : nvt/gb_fedora_2012_9628_openjpeg_fc16.nasl |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2018-12-24 | Name: The remote Debian host is missing a security update. File: debian_DLA-1614.nasl - Type: ACT_GATHER_INFO |
| 2018-07-20 | Name: The remote Debian host is missing a security update. File: debian_DLA-1433.nasl - Type: ACT_GATHER_INFO |
| 2018-01-15 | Name: The remote Fedora host is missing a security update. File: fedora_2017-a5bb95b447.nasl - Type: ACT_GATHER_INFO |
| 2017-11-02 | Name: The remote Debian host is missing a security-related update. File: debian_DSA-4013.nasl - Type: ACT_GATHER_INFO |
| 2017-10-23 | Name: The remote Gentoo host is missing one or more security-related patches. File: gentoo_GLSA-201710-26.nasl - Type: ACT_GATHER_INFO |
| 2017-10-11 | Name: The remote openSUSE host is missing a security update. File: openSUSE-2017-1142.nasl - Type: ACT_GATHER_INFO |
| 2017-10-09 | Name: The remote Slackware host is missing a security update. File: Slackware_SSA_2017-279-02.nasl - Type: ACT_GATHER_INFO |
| 2017-10-06 | Name: The remote SUSE host is missing one or more security updates. File: suse_SU-2017-2649-1.nasl - Type: ACT_GATHER_INFO |
| 2017-09-11 | Name: The remote Fedora host is missing one or more security updates. File: fedora_2017-deefb26e8b.nasl - Type: ACT_GATHER_INFO |
| 2017-09-05 | Name: The remote Fedora host is missing one or more security updates. File: fedora_2017-06cace06ce.nasl - Type: ACT_GATHER_INFO |
| 2017-08-18 | Name: The remote openSUSE host is missing a security update. File: openSUSE-2017-943.nasl - Type: ACT_GATHER_INFO |
| 2017-08-14 | Name: The remote SUSE host is missing one or more security updates. File: suse_SU-2017-2144-1.nasl - Type: ACT_GATHER_INFO |
| 2017-07-13 | Name: The remote Virtuozzo host is missing a security update. File: Virtuozzo_VZLSA-2017-0838.nasl - Type: ACT_GATHER_INFO |
| 2017-07-13 | Name: The remote Virtuozzo host is missing a security update. File: Virtuozzo_VZLSA-2017-0559.nasl - Type: ACT_GATHER_INFO |
| 2017-06-09 | Name: The remote EulerOS host is missing multiple security updates. File: EulerOS_SA-2017-1088.nasl - Type: ACT_GATHER_INFO |
| 2017-05-01 | Name: The remote EulerOS host is missing multiple security updates. File: EulerOS_SA-2017-1060.nasl - Type: ACT_GATHER_INFO |
| 2017-03-30 | Name: The remote CentOS host is missing one or more security updates. File: centos_RHSA-2017-0838.nasl - Type: ACT_GATHER_INFO |
| 2017-03-24 | Name: The remote Scientific Linux host is missing one or more security updates. File: sl_20170322_openjpeg_on_SL7_x.nasl - Type: ACT_GATHER_INFO |
| 2017-03-23 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2017-0838.nasl - Type: ACT_GATHER_INFO |
| 2017-03-23 | Name: The remote Amazon Linux AMI host is missing a security update. File: ala_ALAS-2017-807.nasl - Type: ACT_GATHER_INFO |
| 2017-03-23 | Name: The remote Oracle Linux host is missing one or more security updates. File: oraclelinux_ELSA-2017-0838.nasl - Type: ACT_GATHER_INFO |
| 2017-03-23 | Name: The remote OracleVM host is missing a security update. File: oraclevm_OVMSA-2017-0048.nasl - Type: ACT_GATHER_INFO |
| 2017-03-21 | Name: The remote Scientific Linux host is missing one or more security updates. File: sl_20170319_openjpeg_on_SL6_x.nasl - Type: ACT_GATHER_INFO |
| 2017-03-21 | Name: The remote CentOS host is missing one or more security updates. File: centos_RHSA-2017-0559.nasl - Type: ACT_GATHER_INFO |
| 2017-03-20 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2017-0559.nasl - Type: ACT_GATHER_INFO |
