Uclouvain Openjpeg
45 CVEs affecting Uclouvain Openjpeg. Latest disclosed: 2026-04-13. Critical: 3, High: 13.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2017-17480 | Critical | 9.8 | 2017-12-08 | In OpenJPEG 2.3.0, a stack-based buffer overflow was discovered in the pgxtovolume function in jp3d/convert.c. The vulnerability causes an out-of-bounds write… |
CVE-2017-17479 | Critical | 9.8 | 2017-12-08 | In OpenJPEG 2.3.0, a stack-based buffer overflow was discovered in the pgxtoimage function in jpwl/convert.c. The vulnerability causes an out-of-bounds write… |
CVE-2015-8871 | Critical | 9.8 | 2016-09-21 | Use-after-free vulnerability in the opj_j2k_write_mco function in j2k.c in OpenJPEG before 2.1.1 allows remote attackers to have unspecified impact via unknown… |
CVE-2017-14164 | High | 8.8 | 2017-09-06 | A size-validation issue was discovered in opj_j2k_write_sot in lib/openjp2/j2k.c in OpenJPEG 2.2.0. The vulnerability causes an out-of-bounds write, which may… |
CVE-2017-14152 | High | 8.8 | 2017-09-05 | A mishandled zero case was discovered in opj_j2k_set_cinema_parameters in lib/openjp2/j2k.c in OpenJPEG 2.2.0. The vulnerability causes an out-of-bounds write… |
CVE-2017-14151 | High | 8.8 | 2017-09-05 | An off-by-one error was discovered in opj_tcd_code_block_enc_allocate_data in lib/openjp2/tcd.c in OpenJPEG 2.2.0. The vulnerability causes an out-of-bounds wr… |
CVE-2017-14041 | High | 8.8 | 2017-08-30 | A stack-based buffer overflow was discovered in the pgxtoimage function in bin/jp2/convert.c in OpenJPEG 2.2.0. The vulnerability causes an out-of-bounds write… |
CVE-2017-14040 | High | 8.8 | 2017-08-30 | An invalid write access was discovered in bin/jp2/convert.c in OpenJPEG 2.2.0, triggering a crash in the tgatoimage function. The vulnerability may lead to rem… |
CVE-2017-14039 | High | 8.8 | 2017-08-30 | A heap-based buffer overflow was discovered in the opj_t2_encode_packet function in lib/openjp2/t2.c in OpenJPEG 2.2.0. The vulnerability causes an out-of-boun… |
CVE-2016-9675 | High | 7.8 | 2016-12-22 | openjpeg: A heap-based buffer overflow flaw was found in the patch for CVE-2013-6045. A crafted j2k image could cause the application to crash, or potentially… |
CVE-2016-7163 | High | 7.8 | 2016-09-21 | Integer overflow in the opj_pi_create_decode function in pi.c in OpenJPEG allows remote attackers to execute arbitrary code via a crafted JP2 file, which trigg… |
CVE-2016-9114 | High | 7.5 | 2016-10-30 | There is a NULL Pointer Access in function imagetopnm of convert.c:1943(jp2) of OpenJPEG 2.1.2. image->comps[compno].data is not assigned a value after initial… |
CVE-2016-9113 | High | 7.5 | 2016-10-30 | There is a NULL pointer dereference in function imagetobmp of convertbmp.c:980 of OpenJPEG 2.1.2. image->comps[0].data is not assigned a value after initializa… |
CVE-2016-9112 | High | 7.5 | 2016-10-29 | Floating Point Exception (aka FPE or divide by zero) in opj_pi_next_cprl function in openjp2/pi.c:523 in OpenJPEG 2.1.2. |
CVE-2016-8332 | High | 7.5 | 2016-10-28 | A buffer overflow in OpenJPEG 2.1.1 causes arbitrary code execution when parsing a crafted image. An exploitable code execution vulnerability exists in the jpe… |
CVE-2016-7445 | High | 7.5 | 2016-10-03 | convert.c in OpenJPEG before 2.1.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors involving… |
CVE-2015-1239 | Medium | 6.5 | 2017-10-18 | Double free vulnerability in the j2k_read_ppm_v3 function in OpenJPEG before r2997, as used in PDFium in Google Chrome, allows remote attackers to cause a deni… |
CVE-2016-10507 | Medium | 6.5 | 2017-08-30 | Integer overflow vulnerability in the bmp24toimage function in convertbmp.c in OpenJPEG before 2.2.0 allows remote attackers to cause a denial of service (heap… |
CVE-2016-10506 | Medium | 6.5 | 2017-08-30 | Division-by-zero vulnerabilities in the functions opj_pi_next_cprl, opj_pi_next_pcrl, and opj_pi_next_rpcl in pi.c in OpenJPEG before 2.2.0 allow remote attack… |
CVE-2016-10505 | Medium | 6.5 | 2017-08-30 | NULL pointer dereference vulnerabilities in the imagetopnm function in convert.c, sycc444_to_rgb function in color.c, color_esycc_to_rgb function in color.c, a… |