| Bug | bullseye | bookworm | trixie | sid | Description |
|---|
| CVE-2023-39329 | vulnerable (no DSA) | vulnerable (no DSA, postponed) | vulnerable | vulnerable | A flaw was found in OpenJPEG. A resource exhaustion can occur in the o ... |
| CVE-2023-39328 | vulnerable (no DSA) | vulnerable (no DSA, postponed) | vulnerable | vulnerable | A vulnerability was found in OpenJPEG similar to CVE-2019-6988. This f ... |
| CVE-2023-39327 | vulnerable (no DSA) | vulnerable (no DSA, postponed) | vulnerable | vulnerable | A flaw was found in OpenJPEG. Maliciously constructed pictures can cau ... |
| CVE-2022-1122 | vulnerable (no DSA) | fixed | fixed | fixed | A flaw was found in the opj2_decompress program in openjpeg2 2.4.0 in ... |
| CVE-2021-29338 | vulnerable (no DSA) | fixed | fixed | fixed | Integer Overflow in OpenJPEG v2.4.0 allows remote attackers to crash t ... |
| CVE-2021-3575 | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable | vulnerable | A heap-based buffer overflow was found in openjpeg in color.c:379:42 i ... |
| CVE-2019-6988 | vulnerable (no DSA, ignored) | vulnerable (no DSA, ignored) | vulnerable | vulnerable | An issue was discovered in OpenJPEG 2.3.0. It allows remote attackers ... |
| Bug | bullseye | bookworm | trixie | sid | Description |
|---|
| CVE-2018-20846 | vulnerable | vulnerable | vulnerable | vulnerable | Out-of-bounds accesses in the functions pi_next_lrcp, pi_next_rlcp, pi ... |
| CVE-2018-16376 | vulnerable | vulnerable | vulnerable | vulnerable | An issue was discovered in OpenJPEG 2.3.0. A heap-based buffer overflo ... |
| CVE-2018-16375 | vulnerable | vulnerable | vulnerable | vulnerable | An issue was discovered in OpenJPEG 2.3.0. Missing checks for header_i ... |
| CVE-2017-17479 | vulnerable | vulnerable | vulnerable | vulnerable | In OpenJPEG 2.3.0, a stack-based buffer overflow was discovered in the ... |
| CVE-2016-10506 | vulnerable | vulnerable | vulnerable | vulnerable | Division-by-zero vulnerabilities in the functions opj_pi_next_cprl, op ... |
| CVE-2016-10505 | vulnerable | vulnerable | vulnerable | vulnerable | NULL pointer dereference vulnerabilities in the imagetopnm function in ... |
| CVE-2016-9581 | vulnerable | vulnerable | vulnerable | vulnerable | An infinite loop vulnerability in tiftoimage that results in heap buff ... |
| CVE-2016-9580 | vulnerable | vulnerable | vulnerable | vulnerable | An integer overflow vulnerability was found in tiftoimage function in ... |
| CVE-2016-9117 | vulnerable | vulnerable | vulnerable | vulnerable | NULL Pointer Access in function imagetopnm of convert.c(jp2):1289 in O ... |
| CVE-2016-9116 | vulnerable | vulnerable | vulnerable | vulnerable | NULL Pointer Access in function imagetopnm of convert.c:2226(jp2) in O ... |
| CVE-2016-9115 | vulnerable | vulnerable | vulnerable | vulnerable | Heap Buffer Over-read in function imagetotga of convert.c(jp2):942 in ... |
| CVE-2016-9114 | vulnerable | vulnerable | vulnerable | vulnerable | There is a NULL Pointer Access in function imagetopnm of convert.c:194 ... |
| CVE-2016-9113 | vulnerable | vulnerable | vulnerable | vulnerable | There is a NULL pointer dereference in function imagetobmp of convertb ... |
| Bug | Description |
|---|
| CVE-2020-27845 | There's a flaw in src/lib/openjp2/pi.c of openjpeg in versions prior t ... |
| CVE-2020-27844 | A flaw was found in openjpeg's src/lib/openjp2/t2.c in versions prior ... |
| CVE-2020-27843 | A flaw was found in OpenJPEG in versions prior to 2.4.0. This flaw all ... |
| CVE-2020-27842 | There's a flaw in openjpeg's t2 encoder in versions prior to 2.4.0. An ... |
| CVE-2020-27841 | There's a flaw in openjpeg in versions prior to 2.4.0 in src/lib/openj ... |
| CVE-2020-27824 | A flaw was found in OpenJPEG\u2019s encoder in the opj_dwt_calc_explic ... |
| CVE-2020-27823 | A flaw was found in OpenJPEG\u2019s encoder. This flaw allows an attac ... |
| CVE-2020-27814 | A heap-buffer overflow was found in the way openjpeg2 handled certain ... |
| CVE-2020-15389 | jp2/opj_decompress.c in OpenJPEG through 2.3.1 has a use-after-free th ... |
| CVE-2020-8112 | opj_t1_clbl_decode_processor in openjp2/t1.c in OpenJPEG 2.3.1 through ... |
| CVE-2020-6851 | OpenJPEG through 2.3.1 has a heap-based buffer overflow in opj_t1_clbl ... |
| CVE-2019-12973 | In OpenJPEG 2.3.1, there is excessive iteration in the opj_t1_encode_c ... |
| CVE-2018-21010 | OpenJPEG before 2.3.1 has a heap buffer overflow in color_apply_icc_pr ... |
| CVE-2018-20847 | An improper computation of p_tx0, p_tx1, p_ty0 and p_ty1 in the functi ... |
| CVE-2018-20845 | Division-by-zero vulnerabilities in the functions pi_next_pcrl, pi_nex ... |
| CVE-2018-18088 | OpenJPEG 2.3.0 has a NULL pointer dereference for "red" in the imageto ... |
| CVE-2018-14423 | Division-by-zero vulnerabilities in the functions pi_next_pcrl, pi_nex ... |
| CVE-2018-7648 | An issue was discovered in mj2/opj_mj2_extract.c in OpenJPEG 2.3.0. Th ... |
| CVE-2018-6616 | In OpenJPEG 2.3.0, there is excessive iteration in the opj_t1_encode_c ... |
| CVE-2018-5785 | In OpenJPEG 2.3.0, there is an integer overflow caused by an out-of-bo ... |
| CVE-2018-5727 | In OpenJPEG 2.3.0, there is an integer overflow vulnerability in the o ... |
| CVE-2017-17480 | In OpenJPEG 2.3.0, a stack-based buffer overflow was discovered in the ... |
| CVE-2017-14164 | A size-validation issue was discovered in opj_j2k_write_sot in lib/ope ... |
| CVE-2017-14152 | A mishandled zero case was discovered in opj_j2k_set_cinema_parameters ... |
| CVE-2017-14151 | An off-by-one error was discovered in opj_tcd_code_block_enc_allocate_ ... |
| CVE-2017-14041 | A stack-based buffer overflow was discovered in the pgxtoimage functio ... |
| CVE-2017-14040 | An invalid write access was discovered in bin/jp2/convert.c in OpenJPE ... |
| CVE-2017-14039 | A heap-based buffer overflow was discovered in the opj_t2_encode_packe ... |
| CVE-2017-12982 | The bmp_read_info_header function in bin/jp2/convertbmp.c in OpenJPEG ... |
| CVE-2016-10507 | Integer overflow vulnerability in the bmp24toimage function in convert ... |
| CVE-2016-10504 | Heap-based buffer overflow vulnerability in the opj_mqc_byteout functi ... |
| CVE-2016-9573 | An out-of-bounds read vulnerability was found in OpenJPEG 2.1.2, in th ... |
| CVE-2016-9572 | A NULL pointer dereference flaw was found in the way openjpeg 2.1.2 de ... |
| CVE-2016-9118 | Heap Buffer Overflow (WRITE of size 4) in function pnmtoimage of conve ... |
| CVE-2016-9112 | Floating Point Exception (aka FPE or divide by zero) in opj_pi_next_cp ... |
| CVE-2016-8332 | A buffer overflow in OpenJPEG 2.1.1 causes arbitrary code execution wh ... |
| CVE-2016-7445 | convert.c in OpenJPEG before 2.1.2 allows remote attackers to cause a ... |
| CVE-2016-7163 | Integer overflow in the opj_pi_create_decode function in pi.c in OpenJ ... |
| CVE-2016-5159 | Multiple integer overflows in OpenJPEG, as used in PDFium in Google Ch ... |
| CVE-2016-5158 | Multiple integer overflows in the opj_tcd_init_tile function in tcd.c ... |
| CVE-2016-5157 | Heap-based buffer overflow in the opj_dwt_interleave_v function in dwt ... |
| CVE-2016-5152 | Integer overflow in the opj_tcd_get_decoded_tile_size function in tcd. ... |
| CVE-2016-5139 | Multiple integer overflows in the opj_tcd_init_tile function in tcd.c ... |
| CVE-2016-4797 | Divide-by-zero vulnerability in the opj_tcd_init_tile function in tcd. ... |
| CVE-2016-4796 | Heap-based buffer overflow in the color_cmyk_to_rgb in common/color.c ... |
| CVE-2016-3183 | The sycc422_t_rgb function in common/color.c in OpenJPEG before 2.1.1 ... |
| CVE-2016-3182 | The color_esycc_to_rgb function in bin/common/color.c in OpenJPEG befo ... |
| CVE-2016-1924 | The opj_tgt_reset function in OpenJpeg 2016.1.18 allows remote attacke ... |
| CVE-2016-1923 | Heap-based buffer overflow in the opj_j2k_update_image_data function i ... |
| CVE-2016-1628 | pi.c in OpenJPEG, as used in PDFium in Google Chrome before 48.0.2564. ... |
| CVE-2016-1626 | The opj_pi_update_decode_poc function in pi.c in OpenJPEG, as used in ... |
| CVE-2015-8871 | Use-after-free vulnerability in the opj_j2k_write_mco function in j2k. ... |
| CVE-2015-6581 | Double free vulnerability in the opj_j2k_copy_default_tcp_and_create_t ... |
| CVE-2015-1239 | Double free vulnerability in the j2k_read_ppm_v3 function in OpenJPEG ... |
| CVE-2014-7947 | OpenJPEG before r2944, as used in PDFium in Google Chrome before 40.0. ... |