Vulnerabilities > Uclouvain > Openjpeg > 2.3.0

DATE CVE VULNERABILITY TITLE RISK
2018-03-02 CVE-2018-7648 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Uclouvain Openjpeg 2.3.0
An issue was discovered in mj2/opj_mj2_extract.c in OpenJPEG 2.3.0.
network
low complexity
uclouvain CWE-119
critical
 9.8
9.8
2018-02-04 CVE-2018-6616 Resource Exhaustion vulnerability in multiple products
In OpenJPEG 2.3.0, there is excessive iteration in the opj_t1_encode_cblks function of openjp2/t1.c.
local
low complexity
uclouvain debian canonical oracle CWE-400
5.5
5.5
2018-01-19 CVE-2018-5785 Integer Overflow or Wraparound vulnerability in multiple products
In OpenJPEG 2.3.0, there is an integer overflow caused by an out-of-bounds left shift in the opj_j2k_setup_encoder function (openjp2/j2k.c).
network
low complexity
uclouvain debian canonical CWE-190
6.5
6.5
2018-01-16 CVE-2018-5727 Integer Overflow or Wraparound vulnerability in Uclouvain Openjpeg 2.3.0
In OpenJPEG 2.3.0, there is an integer overflow vulnerability in the opj_t1_encode_cblks function (openjp2/t1.c).
network
low complexity
uclouvain CWE-190
6.5
6.5
2017-12-08 CVE-2017-17480 Out-of-bounds Write vulnerability in multiple products
In OpenJPEG 2.3.0, a stack-based buffer overflow was discovered in the pgxtovolume function in jp3d/convert.c.
network
low complexity
uclouvain debian canonical CWE-787
critical
 9.8
9.8
2017-12-08 CVE-2017-17479 Out-of-bounds Write vulnerability in Uclouvain Openjpeg 2.3.0
In OpenJPEG 2.3.0, a stack-based buffer overflow was discovered in the pgxtoimage function in jpwl/convert.c.
network
low complexity
uclouvain CWE-787
critical
 9.8
9.8
2017-09-06 CVE-2017-14164 Out-of-bounds Write vulnerability in Uclouvain Openjpeg
A size-validation issue was discovered in opj_j2k_write_sot in lib/openjp2/j2k.c in OpenJPEG 2.2.0.
network
low complexity
uclouvain CWE-787
8.8
8.8
2017-08-30 CVE-2017-14039 Out-of-bounds Write vulnerability in multiple products
A heap-based buffer overflow was discovered in the opj_t2_encode_packet function in lib/openjp2/t2.c in OpenJPEG 2.2.0.
network
low complexity
uclouvain debian CWE-787
8.8
8.8
2017-08-21 CVE-2017-12982 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Uclouvain Openjpeg
The bmp_read_info_header function in bin/jp2/convertbmp.c in OpenJPEG 2.2.0 does not reject headers with a zero biBitCount, which allows remote attackers to cause a denial of service (memory allocation failure) in the opj_image_create function in lib/openjp2/image.c, related to the opj_aligned_alloc_n function in opj_malloc.c.
local
low complexity
uclouvain CWE-119
5.5
5.5