Search CVE reports

21 – 30 of 74 results

Detailed view

Sort by:

CVE-2019-12973

Low priority

Some fixes available 12 of 85

In OpenJPEG 2.3.1, there is excessive iteration in the opj_t1_encode_cblks function of openjp2/t1.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file. This issue is similar to...

9 affected packages

blender, emscripten, gdcm, ghostscript, insighttoolkit4...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
blender	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
emscripten	Ignored	Ignored	Not in release	Ignored	Ignored
gdcm	Not affected	Not affected	Not affected	Not affected	Not affected
ghostscript	Not affected	Not affected	Not affected	Not affected	Not affected
insighttoolkit4	Not in release	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
openjpeg	Not in release	Not in release	Not in release	Not in release	Not affected
openjpeg2	Fixed	Fixed	Fixed	Fixed	Fixed
qtwebengine-opensource-src	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Not in release
texmaker	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2018-20847

Medium priority

Some fixes available 1 of 72

An improper computation of p_tx0, p_tx1, p_ty0 and p_ty1 in the function opj_get_encoding_parameters in openjp2/pi.c in OpenJPEG through 2.3.0 can lead to an integer overflow.

8 affected packages

blender, emscripten, gdcm, insighttoolkit4, openjpeg...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
blender	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
emscripten	Ignored	Ignored	Not in release	Ignored	Ignored
gdcm	Not affected	Not affected	Not affected	Not affected	Not affected
insighttoolkit4	Not in release	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
openjpeg	Not in release	Not in release	Not in release	Not in release	Not affected
openjpeg2	Not affected	Not affected	Not affected	Not affected	Fixed
qtwebengine-opensource-src	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Not in release
texmaker	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2018-20846

Medium priority

Needs evaluation

Out-of-bounds accesses in the functions pi_next_lrcp, pi_next_rlcp, pi_next_rpcl, pi_next_pcrl, pi_next_rpcl, and pi_next_cprl in openmj2/pi.c in OpenJPEG through 2.3.0 allow remote attackers to cause a denial of service...

8 affected packages

blender, emscripten, gdcm, insighttoolkit4, openjpeg...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
blender	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
emscripten	Ignored	Ignored	Not in release	Ignored	Ignored
gdcm	Not affected	Not affected	Not affected	Not affected	Not affected
insighttoolkit4	Not in release	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
openjpeg	Not in release	Not in release	Not in release	Not in release	Not affected
openjpeg2	Not affected	Not affected	Not affected	Not affected	Not affected
qtwebengine-opensource-src	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Not in release
texmaker	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2018-20845

Medium priority

Some fixes available 1 of 80

Division-by-zero vulnerabilities in the functions pi_next_pcrl, pi_next_cprl, and pi_next_rpcl in openmj2/pi.c in OpenJPEG through 2.3.0 allow remote attackers to cause a denial of service (application crash).

8 affected packages

blender, emscripten, gdcm, insighttoolkit4, openjpeg...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
blender	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
emscripten	Ignored	Ignored	Not in release	Ignored	Ignored
gdcm	Not affected	Not affected	Not affected	Not affected	Not affected
insighttoolkit4	Not in release	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
openjpeg	Not in release	Not in release	Not in release	Not in release	Not affected
openjpeg2	Not affected	Not affected	Not affected	Fixed	Not affected
qtwebengine-opensource-src	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Not in release
texmaker	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2019-7663

Medium priority

Some fixes available 4 of 52

An Invalid Address dereference was discovered in TIFFWriteDirectoryTagTransferfunction in libtiff/tif_dirwrite.c in LibTIFF 4.0.10, affecting the cpSeparateBufToContigBuf function in tiffcp.c. Remote attackers could leverage this...

9 affected packages

chromium, gdal, openjpeg2, qt4-x11, qtimageformats-opensource-src...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
chromium	Not in release	Not in release	Not in release	Not in release	Not in release
gdal	Not affected	Not affected	Not affected	Not affected	Vulnerable
openjpeg2	Not affected	Not affected	Not affected	Not affected	Not affected
qt4-x11	Not in release	Not in release	Not in release	Not affected	Not affected
qtimageformats-opensource-src	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
qtwebengine-opensource-src	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Not in release
texmaker	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
tiff	Not affected	Not affected	Not affected	Fixed	Fixed
tiff3	Not in release	Not in release	Not in release	Not in release	Not in release

CVE-2019-6988

Low priority

Vulnerable

An issue was discovered in OpenJPEG 2.3.0. It allows remote attackers to cause a denial of service (attempted excessive memory allocation) in opj_calloc in openjp2/opj_malloc.c, when called from opj_tcd_init_tile in openjp2/tcd.c,...

3 affected packages

ghostscript, openjpeg, openjpeg2

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
ghostscript	Not affected	Not affected	Not affected	Vulnerable	Vulnerable
openjpeg	Not in release	Not in release	Not in release	Not in release	Not affected
openjpeg2	Vulnerable	Vulnerable	Vulnerable	Vulnerable	Vulnerable

CVE-2018-18088

Medium priority

Some fixes available 3 of 5

OpenJPEG 2.3.0 has a NULL pointer dereference for "red" in the imagetopnm function of jp2/convert.c

2 affected packages

openjpeg, openjpeg2

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
openjpeg	Not in release	—	Not in release	Not in release	Fixed
openjpeg2	Not affected	Not affected	Not affected	Fixed	Fixed

CVE-2018-16376

Low priority

Ignored

An issue was discovered in OpenJPEG 2.3.0. A heap-based buffer overflow was discovered in the function t2_encode_packet in lib/openmj2/t2.c. The vulnerability causes an out-of-bounds write, which may lead to remote denial of...

2 affected packages

openjpeg, openjpeg2

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
openjpeg	—	—	Not in release	Not in release	Ignored
openjpeg2	—	—	Not affected	Not affected	Not affected

CVE-2018-16375

Medium priority

Some fixes available 1 of 4

An issue was discovered in OpenJPEG 2.3.0. Missing checks for header_info.height and header_info.width in the function pnmtoimage in bin/jpwl/convert.c can lead to a heap-based buffer overflow.

2 affected packages

openjpeg, openjpeg2

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
openjpeg	—	—	Not in release	Not in release	Not affected
openjpeg2	—	—	Not affected	Fixed	Not affected

CVE-2016-9580

Medium priority

Ignored

An integer overflow vulnerability was found in tiftoimage function in openjpeg 2.1.2, resulting in heap buffer overflow.

2 affected packages

openjpeg, openjpeg2

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
openjpeg	—	Not in release	Not in release	Not in release	Ignored
openjpeg2	—	Not affected	Not affected	Not affected	Not affected

Export to JSON

Results by page: