| Max CVSS | 7.5 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2018-5785 | 4.3 |
In OpenJPEG 2.3.0, there is an integer overflow caused by an out-of-bounds left shift in the opj_j2k_setup_encoder function (openjp2/j2k.c). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file.
|
03-02-2021 - 16:13 | 19-01-2018 - 08:29 | |
| CVE-2018-6616 | 4.3 |
In OpenJPEG 2.3.0, there is excessive iteration in the opj_t1_encode_cblks function of openjp2/t1.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file.
|
03-02-2021 - 16:12 | 04-02-2018 - 22:29 | |
| CVE-2017-17480 | 7.5 |
In OpenJPEG 2.3.0, a stack-based buffer overflow was discovered in the pgxtovolume function in jp3d/convert.c. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service or possibly remote code execution.
|
03-02-2021 - 16:07 | 08-12-2017 - 19:29 | |
| CVE-2018-14423 | 5.0 |
Division-by-zero vulnerabilities in the functions pi_next_pcrl, pi_next_cprl, and pi_next_rpcl in lib/openjp3d/pi.c in OpenJPEG through 2.3.0 allow remote attackers to cause a denial of service (application crash).
|
09-09-2020 - 19:57 | 19-07-2018 - 19:29 | |
| CVE-2018-18088 | 4.3 |
OpenJPEG 2.3.0 has a NULL pointer dereference for "red" in the imagetopnm function of jp2/convert.c
|
21-08-2019 - 20:15 | 09-10-2018 - 20:29 |