AVG-1390 log

Package openjpeg2
Status Vulnerable
Severity Medium
Type multiple issues
Affected 2.4.0-1
Fixed Unknown
Current 2.5.0-2 [extra]
Ticket Create
Created Tue Dec 29 11:13:58 2020
Issue Severity Remote Type Description
CVE-2021-29338 Low Yes Denial of service
Integer Overflow in OpenJPEG v2.4.0 allows remote attackers to crash the application, causing a Denial of Service (DoS). This occurs when the attacker uses...
CVE-2021-3575 Medium Yes Arbitrary code execution
A heap-based buffer overflow was found in openjpeg in color.c:379:42 in sycc420_to_rgb when decompressing a crafted .j2k file. An attacker could use this to...
CVE-2019-6988 Low Yes Denial of service
An issue has been discovered in OpenJPEG 2.4.0. It allows remote attackers to cause a denial of service (attempted excessive memory allocation) in...
CVE-2018-20846 Low Yes Denial of service
Out-of-bounds accesses in the functions pi_next_lrcp, pi_next_rlcp, pi_next_rpcl, pi_next_pcrl, pi_next_rpcl, and pi_next_cprl in openmj2/pi.c in OpenJPEG...
CVE-2018-16376 Medium Yes Arbitrary code execution
An issue was discovered in OpenJPEG 2.4.0. A heap-based buffer overflow was discovered in the function t2_encode_packet in lib/openmj2/t2.c. The...