Vulnerabilities > Uclouvain > Openjpeg > 2.4.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-03-29 | CVE-2022-1122 | Improper Initialization vulnerability in multiple products A flaw was found in the opj2_decompress program in openjpeg2 2.4.0 in the way it handles an input directory with a large number of files. | 5.5 |
2022-03-04 | CVE-2021-3575 | Out-of-bounds Write vulnerability in multiple products A heap-based buffer overflow was found in openjpeg in color.c:379:42 in sycc420_to_rgb when decompressing a crafted .j2k file. | 7.8 |
2021-04-14 | CVE-2021-29338 | Integer Overflow or Wraparound vulnerability in multiple products Integer Overflow in OpenJPEG v2.4.0 allows remote attackers to crash the application, causing a Denial of Service (DoS). | 5.5 |