| CVE-2020-27845 |
Medium |
No |
Denial of service |
An out-of-bounds read was discovered in lib/openjp2/pi.c:312 in OpenJPEG before version 2.4.0. |
| CVE-2020-27843 |
Medium |
No |
Denial of service |
An out-of-bounds read was found in opj_t2_encode_packet when small precincts and an origin shift are given in OpenJPEG before version 2.4.0. |
| CVE-2020-27842 |
Medium |
No |
Denial of service |
A null pointer dereference issue was found in lib/openjp2/tgt.c when a small precincts size, the option "-TP C" and non (0,0) grid offset are given in... |
| CVE-2020-27841 |
Medium |
No |
Denial of service |
An out-of-bounds read was discovered in lib/openjp2/pi.c:623 in OpenJPEG before version 2.4.0. |
| CVE-2020-27824 |
Medium |
No |
Denial of service |
In OpenJPEG before version 2.4.0, if too many decomposition levels are supplied to the encoder, it could cause a global buffer overflow to out-of-bounds... |
| CVE-2020-27814 |
Medium |
No |
Arbitrary code execution |
A heap-buffer overwrite error was discovered in lib/openjp2/mqc.c in OpenJPEG before version 2.4.0. The vulnerability causes an out-of- bounds write, which... |
| CVE-2020-15389 |
Medium |
No |
Denial of service |
jp2/opj_decompress.c in OpenJPEG before version 2.4.0 has a use-after- free that can be triggered if there is a mix of valid and invalid files in a... |
| CVE-2020-8112 |
Medium |
No |
Arbitrary code execution |
opj_t1_clbl_decode_processor in openjp2/t1.c in OpenJPEG before version 2.4.0 has a heap-based buffer overflow in the qmfbid==1 case, a different issue than... |
| CVE-2020-6851 |
Medium |
No |
Arbitrary code execution |
OpenJPEG before version 2.4.0 has a heap-based buffer overflow in opj_t1_clbl_decode_processor in openjp2/t1.c because of lack of... |
| CVE-2019-12973 |
Medium |
No |
Denial of service |
In OpenJPEG before version 2.4.0, there is excessive iteration in the opj_t1_encode_cblks function of openjp2/t1.c. Remote attackers could leverage this... |