Known Vulnerabilities for Openjpeg by Uclouvain
Listed below are 10 of the newest known vulnerabilities associated with "Openjpeg" by "Uclouvain".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2021-29338 | Integer Overflow in OpenJPEG v2.4.0 allows remote attackers to crash the application, causing a Denial of Service (DoS). This... | 5.5 - MEDIUM | 2021-04-14 | 2023-11-07 |
| CVE-2021-3575 | A heap-based buffer overflow was found in openjpeg in color.c:379:42 in sycc420_to_rgb when decompressing a crafted .j2k file... | 7.8 - HIGH | 2022-03-04 | 2023-02-12 |
| CVE-2020-27842 | There's a flaw in openjpeg's t2 encoder in versions prior to 2.4.0. An attacker who is able to provide crafted input to be pr... | 5.5 - MEDIUM | 2021-01-05 | 2023-11-07 |
| CVE-2020-27841 | There's a flaw in openjpeg in versions prior to 2.4.0 in src/lib/openjp2/pi.c. When an attacker is able to provide crafted in... | 5.5 - MEDIUM | 2021-01-05 | 2023-11-07 |
| CVE-2020-27824 | A flaw was found in OpenJPEG’s encoder in the opj_dwt_calc_explicit_stepsizes() function. This flaw allows an attacker who ... | 5.5 - MEDIUM | 2021-05-13 | 2023-11-07 |
| CVE-2020-27823 | A flaw was found in OpenJPEG’s encoder. This flaw allows an attacker to pass specially crafted x,y offset input to OpenJPEG... | 7.8 - HIGH | 2021-05-13 | 2023-11-07 |
| CVE-2020-27814 | A heap-buffer overflow was found in the way openjpeg2 handled certain PNG format files. An attacker could use this flaw to ca... | 7.8 - HIGH | 2021-01-26 | 2022-10-07 |
| CVE-2020-15389 | jp2/opj_decompress.c in OpenJPEG through 2.3.1 has a use-after-free that can be triggered if there is a mix of valid and inva... | 6.5 - MEDIUM | 2020-06-29 | 2022-10-06 |
| CVE-2020-8112 | opj_t1_clbl_decode_processor in openjp2/t1.c in OpenJPEG 2.3.1 through 2020-01-28 has a heap-based buffer overflow in the qmf... | 8.8 - HIGH | 2020-01-28 | 2023-11-07 |
| CVE-2020-6851 | OpenJPEG through 2.3.1 has a heap-based buffer overflow in opj_t1_clbl_decode_processor in openjp2/t1.c because of lack of op... | 7.5 - HIGH | 2020-01-13 | 2023-11-07 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Uclouvain | Openjpeg | 2.4.0 | All | All | All |
| Application | Uclouvain | Openjpeg | 2.3.1 | All | All | All |
| Application | Uclouvain | Openjpeg | 2.3.0 | All | All | All |
| Application | Uclouvain | Openjpeg | 2.2.0 | All | All | All |
| Application | Uclouvain | Openjpeg | 2.1.2 | All | All | All |
| Application | Uclouvain | Openjpeg | 2.1.1 | All | All | All |
| Application | Uclouvain | Openjpeg | 2.1.0 | All | All | All |
| Application | Uclouvain | Openjpeg | 2.1 | All | All | All |
| Application | Uclouvain | Openjpeg | 2.0.1 | All | All | All |
| Application | Uclouvain | Openjpeg | 2.0.0 | All | All | All |
| Application | Uclouvain | Openjpeg | 2.0 | All | All | All |
| Application | Uclouvain | Openjpeg | 1.5.2 | All | All | All |
| Application | Uclouvain | Openjpeg | 1.5.1 | All | All | All |
| Application | Uclouvain | Openjpeg | 1.5 | All | All | All |
| Application | Uclouvain | Openjpeg | 1.4 | All | All | All |
| Application | Uclouvain | Openjpeg | 1.3 | All | All | All |
| Application | Uclouvain | Openjpeg | 1.2 | All | All | All |
| Application | Uclouvain | Openjpeg | 1.1 | All | All | All |
| Application | Uclouvain | Openjpeg | 1.0 | All | All | All |
| Application | Uclouvain | Openjpeg | - | All | All | All |