Vulnerabilities > Uclouvain > Openjpeg > 2.2.0

DATE CVE VULNERABILITY TITLE RISK
2022-03-04 CVE-2021-3575 A heap-based buffer overflow was found in openjpeg in color.c:379:42 in sycc420_to_rgb when decompressing a crafted .j2k file.
local
low complexity
uclouvain redhat fedoraproject
7.8
7.8
2021-05-13 CVE-2020-27823 Classic Buffer Overflow vulnerability in multiple products
A flaw was found in OpenJPEG’s encoder.
local
low complexity
uclouvain fedoraproject debian CWE-120
7.8
7.8
2021-05-13 CVE-2020-27824 Out-of-bounds Read vulnerability in multiple products
A flaw was found in OpenJPEG’s encoder in the opj_dwt_calc_explicit_stepsizes() function. 		5.5
5.5
2021-01-26 CVE-2020-27814 A heap-buffer overflow was found in the way openjpeg2 handled certain PNG format files.
local
low complexity
uclouvain debian
7.8
7.8
2021-01-05 CVE-2020-27845 There's a flaw in src/lib/openjp2/pi.c of openjpeg in versions prior to 2.4.0.
local
low complexity
uclouvain fedoraproject debian oracle
5.5
5.5
2021-01-05 CVE-2020-27844 A flaw was found in openjpeg's src/lib/openjp2/t2.c in versions prior to 2.4.0.
local
low complexity
uclouvain debian oracle
7.8
7.8
2021-01-05 CVE-2020-27843 Out-of-bounds Read vulnerability in multiple products
A flaw was found in OpenJPEG in versions prior to 2.4.0. 		5.5
5.5
2021-01-05 CVE-2020-27842 There's a flaw in openjpeg's t2 encoder in versions prior to 2.4.0.
local
low complexity
uclouvain fedoraproject debian redhat oracle
5.5
5.5
2021-01-05 CVE-2020-27841 There's a flaw in openjpeg in versions prior to 2.4.0 in src/lib/openjp2/pi.c.
local
low complexity
uclouvain fedoraproject debian oracle
5.5
5.5
2020-06-29 CVE-2020-15389 Use After Free vulnerability in multiple products
jp2/opj_decompress.c in OpenJPEG through 2.3.1 has a use-after-free that can be triggered if there is a mix of valid and invalid files in a directory operated on by the decompressor.
network
high complexity
uclouvain debian oracle CWE-416
6.5
6.5