Vulnerabilities > Uclouvain > Openjpeg > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-01-16 | CVE-2018-5727 | Integer Overflow or Wraparound vulnerability in Uclouvain Openjpeg 2.3.0 In OpenJPEG 2.3.0, there is an integer overflow vulnerability in the opj_t1_encode_cblks function (openjp2/t1.c). | 4.3 |
| 2017-10-18 | CVE-2015-1239 | Double Free vulnerability in multiple products Double free vulnerability in the j2k_read_ppm_v3 function in OpenJPEG before r2997, as used in PDFium in Google Chrome, allows remote attackers to cause a denial of service (process crash) via a crafted PDF. | 6.5 |
| 2017-09-06 | CVE-2017-14164 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Uclouvain Openjpeg A size-validation issue was discovered in opj_j2k_write_sot in lib/openjp2/j2k.c in OpenJPEG 2.2.0. | 6.8 |
| 2017-09-05 | CVE-2017-14152 | Out-of-bounds Write vulnerability in multiple products A mishandled zero case was discovered in opj_j2k_set_cinema_parameters in lib/openjp2/j2k.c in OpenJPEG 2.2.0. | 6.8 |
| 2017-09-05 | CVE-2017-14151 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An off-by-one error was discovered in opj_tcd_code_block_enc_allocate_data in lib/openjp2/tcd.c in OpenJPEG 2.2.0. | 6.8 |
| 2017-08-30 | CVE-2017-14041 | Out-of-bounds Write vulnerability in multiple products A stack-based buffer overflow was discovered in the pgxtoimage function in bin/jp2/convert.c in OpenJPEG 2.2.0. | 6.8 |
| 2017-08-30 | CVE-2017-14040 | Out-of-bounds Write vulnerability in multiple products An invalid write access was discovered in bin/jp2/convert.c in OpenJPEG 2.2.0, triggering a crash in the tgatoimage function. | 6.8 |
| 2017-08-30 | CVE-2017-14039 | Out-of-bounds Write vulnerability in multiple products A heap-based buffer overflow was discovered in the opj_t2_encode_packet function in lib/openjp2/t2.c in OpenJPEG 2.2.0. | 6.8 |
| 2017-08-30 | CVE-2016-10507 | Integer Overflow or Wraparound vulnerability in Uclouvain Openjpeg Integer overflow vulnerability in the bmp24toimage function in convertbmp.c in OpenJPEG before 2.2.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted bmp file. | 4.3 |
| 2017-08-30 | CVE-2016-10506 | Divide By Zero vulnerability in Uclouvain Openjpeg Division-by-zero vulnerabilities in the functions opj_pi_next_cprl, opj_pi_next_pcrl, and opj_pi_next_rpcl in pi.c in OpenJPEG before 2.2.0 allow remote attackers to cause a denial of service (application crash) via crafted j2k files. | 4.3 |