High

DATE	CVE	VULNERABILITY TITLE	RISK
2022-03-04	CVE-2021-3575	Out-of-bounds Write vulnerability in multiple products A heap-based buffer overflow was found in openjpeg in color.c:379:42 in sycc420_to_rgb when decompressing a crafted .j2k file. local low complexity uclouvain redhat fedoraproject CWE-787	7.8
2021-05-13	CVE-2020-27823	Classic Buffer Overflow vulnerability in multiple products A flaw was found in OpenJPEG’s encoder. local low complexity uclouvain fedoraproject debian CWE-120	7.8
2021-01-26	CVE-2020-27814	Heap-based Buffer Overflow vulnerability in multiple products A heap-buffer overflow was found in the way openjpeg2 handled certain PNG format files. local low complexity uclouvain debian CWE-122	7.8
2021-01-05	CVE-2020-27844	Improper Input Validation vulnerability in multiple products A flaw was found in openjpeg's src/lib/openjp2/t2.c in versions prior to 2.4.0. local low complexity uclouvain debian oracle CWE-20	7.8
2020-01-28	CVE-2020-8112	Out-of-bounds Write vulnerability in multiple products opj_t1_clbl_decode_processor in openjp2/t1.c in OpenJPEG 2.3.1 through 2020-01-28 has a heap-based buffer overflow in the qmfbid==1 case, a different issue than CVE-2020-6851. network low complexity uclouvain debian CWE-787	8.8
2020-01-13	CVE-2020-6851	Out-of-bounds Write vulnerability in multiple products OpenJPEG through 2.3.1 has a heap-based buffer overflow in opj_t1_clbl_decode_processor in openjp2/t1.c because of lack of opj_j2k_update_image_dimensions validation. network low complexity uclouvain fedoraproject debian redhat oracle CWE-787	7.5
2019-09-05	CVE-2018-21010	Out-of-bounds Write vulnerability in multiple products OpenJPEG before 2.3.1 has a heap buffer overflow in color_apply_icc_profile in bin/common/color.c. network low complexity uclouvain debian CWE-787	8.8
2019-06-26	CVE-2018-20847	Integer Overflow or Wraparound vulnerability in multiple products An improper computation of p_tx0, p_tx1, p_ty0 and p_ty1 in the function opj_get_encoding_parameters in openjp2/pi.c in OpenJPEG through 2.3.0 can lead to an integer overflow. network low complexity uclouvain debian CWE-190	8.8
2018-08-01	CVE-2016-9580	Heap-based Buffer Overflow vulnerability in Uclouvain Openjpeg 2.1.2 An integer overflow vulnerability was found in tiftoimage function in openjpeg 2.1.2, resulting in heap buffer overflow. network low complexity uclouvain CWE-122	8.8
2018-08-01	CVE-2016-9581	Infinite Loop vulnerability in Uclouvain Openjpeg 2.1.2 An infinite loop vulnerability in tiftoimage that results in heap buffer overflow in convert_32s_C1P1 was found in openjpeg 2.1.2. network low complexity uclouvain CWE-835	8.8