| Max CVSS | 6.8 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2020-15389 | 5.8 |
jp2/opj_decompress.c in OpenJPEG through 2.3.1 has a use-after-free that can be triggered if there is a mix of valid and invalid files in a directory operated on by the decompressor. Triggering a double-free may also be possible. This is related to c
|
06-10-2022 - 17:59 | 29-06-2020 - 21:15 | |
| CVE-2019-12973 | 4.3 |
In OpenJPEG 2.3.1, there is excessive iteration in the opj_t1_encode_cblks function of openjp2/t1.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file. This issue is similar to CVE-2018-6616.
|
05-10-2022 - 20:37 | 26-06-2019 - 18:15 | |
| CVE-2020-6851 | 5.0 |
OpenJPEG through 2.3.1 has a heap-based buffer overflow in opj_t1_clbl_decode_processor in openjp2/t1.c because of lack of opj_j2k_update_image_dimensions validation.
|
29-04-2022 - 13:24 | 13-01-2020 - 06:15 | |
| CVE-2020-8112 | 6.8 |
opj_t1_clbl_decode_processor in openjp2/t1.c in OpenJPEG 2.3.1 through 2020-01-28 has a heap-based buffer overflow in the qmfbid==1 case, a different issue than CVE-2020-6851.
|
02-04-2021 - 12:15 | 28-01-2020 - 18:15 |