AVG-1390 log
| Package | openjpeg2 |
| Status | Fixed |
| Severity | Medium |
| Type | multiple issues |
| Affected | 2.4.0-1 |
| Fixed | 2.5.0-1 |
| Current | 2.5.4-1 [extra] |
| Ticket | None |
| Created | Tue Dec 29 11:13:58 2020 |
| Advisory | Pending |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2021-29338 | Low | Yes | Denial of service | Integer Overflow in OpenJPEG v2.4.0 allows remote attackers to crash the application, causing a Denial of Service (DoS). This occurs when the attacker uses... |
| CVE-2019-6988 | Low | Yes | Denial of service | An issue has been discovered in OpenJPEG 2.4.0. It allows remote attackers to cause a denial of service (attempted excessive memory allocation) in... |
| CVE-2018-20846 | Low | Yes | Denial of service | Out-of-bounds accesses in the functions pi_next_lrcp, pi_next_rlcp, pi_next_rpcl, pi_next_pcrl, pi_next_rpcl, and pi_next_cprl in openmj2/pi.c in OpenJPEG... |
| CVE-2018-16376 | Medium | Yes | Arbitrary code execution | An issue was discovered in OpenJPEG 2.4.0. A heap-based buffer overflow was discovered in the function t2_encode_packet in lib/openmj2/t2.c. The... |