Search CVE reports
71 – 80 of 90 results
CVE-2016-5158
Medium prioritySome fixes available 10 of 16
Multiple integer overflows in the opj_tcd_init_tile function in tcd.c in OpenJPEG, as used in PDFium in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allow remote attackers to cause a...
4 affected packages
chromium-browser, openjpeg, openjpeg2, oxide-qt
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| chromium-browser | — | — | — | Fixed | Fixed |
| openjpeg | — | — | — | Not in release | Not affected |
| openjpeg2 | — | — | — | Not affected | Fixed |
| oxide-qt | — | — | — | Not in release | Not affected |
CVE-2016-5139
Medium prioritySome fixes available 10 of 16
Multiple integer overflows in the opj_tcd_init_tile function in tcd.c in OpenJPEG, as used in PDFium in Google Chrome before 52.0.2743.116, allow remote attackers to cause a denial of service (heap-based buffer overflow) or...
4 affected packages
chromium-browser, openjpeg, openjpeg2, oxide-qt
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| chromium-browser | — | — | — | Fixed | Fixed |
| openjpeg | — | — | — | Not in release | Not affected |
| openjpeg2 | — | — | — | Not affected | Fixed |
| oxide-qt | — | — | — | Not in release | Not affected |
CVE-2016-1924
Low prioritySome fixes available 1 of 5
The opj_tgt_reset function in OpenJpeg 2016.1.18 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG 2000 image.
2 affected packages
openjpeg, openjpeg2
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| openjpeg | — | — | — | Not in release | Not affected |
| openjpeg2 | — | — | — | Not affected | Fixed |
CVE-2016-1923
Low prioritySome fixes available 1 of 5
Heap-based buffer overflow in the opj_j2k_update_image_data function in OpenJpeg 2016.1.18 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG 2000 image.
2 affected packages
openjpeg, openjpeg2
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| openjpeg | — | Not in release | Not in release | Not in release | Not affected |
| openjpeg2 | — | Not affected | Not affected | Not affected | Fixed |
CVE-2015-6581
Medium prioritySome fixes available 8 of 13
Double free vulnerability in the opj_j2k_copy_default_tcp_and_create_tcd function in j2k.c in OpenJPEG before r3002, as used in PDFium in Google Chrome before 45.0.2454.85, allows remote attackers to execute arbitrary code or...
3 affected packages
chromium-browser, openjpeg, oxide-qt
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| chromium-browser | — | — | — | Fixed | Fixed |
| openjpeg | — | — | — | Not in release | Not affected |
| oxide-qt | — | — | — | Not in release | Not affected |
CVE-2015-1273
Medium prioritySome fixes available 20 of 28
Heap-based buffer overflow in j2k.c in OpenJPEG before r3002, as used in PDFium in Google Chrome before 44.0.2403.89, allows remote attackers to cause a denial of service or possibly have unspecified other impact via invalid...
3 affected packages
chromium-browser, openjpeg, oxide-qt
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| chromium-browser | Fixed | Fixed | Fixed | Fixed | Fixed |
| openjpeg | Not in release | Not in release | Not in release | Not in release | Vulnerable |
| oxide-qt | Not in release | Not in release | Not in release | Not in release | Not affected |
CVE-2014-7947
Medium prioritySome fixes available 22 of 48
OpenJPEG before r2944, as used in PDFium in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PDF document, related to j2k.c, jp2.c, pi.c, t1.c, t2.c, and tcd.c.
7 affected packages
chromium-browser, gdcm, insighttoolkit4, openjpeg, openjpeg2...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| chromium-browser | Fixed | Fixed | Fixed | Fixed | Fixed |
| gdcm | Not affected | Not affected | Not affected | Not affected | Not affected |
| insighttoolkit4 | Not in release | Not affected | Not affected | Not affected | Not affected |
| openjpeg | Not in release | Not in release | Not in release | Not in release | Not affected |
| openjpeg2 | Not affected | Not affected | Not affected | Not affected | Fixed |
| oxide-qt | Not in release | Not in release | Not in release | Not in release | Not affected |
| vxl | Not in release | Not in release | Not in release | Not in release | Vulnerable |
CVE-2014-7945
Medium prioritySome fixes available 22 of 48
OpenJPEG before r2908, as used in PDFium in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PDF document, related to j2k.c, jp2.c, and t2.c.
7 affected packages
chromium-browser, gdcm, insighttoolkit4, openjpeg, openjpeg2...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| chromium-browser | Fixed | Fixed | Fixed | Fixed | Fixed |
| gdcm | Not affected | Not affected | Not affected | Not affected | Not affected |
| insighttoolkit4 | Not in release | Not affected | Not affected | Not affected | Not affected |
| openjpeg | Not in release | Not in release | Not in release | Not in release | Not affected |
| openjpeg2 | Not affected | Not affected | Not affected | Not affected | Fixed |
| oxide-qt | Not in release | Not in release | Not in release | Not in release | Not affected |
| vxl | Not in release | Not in release | Not in release | Not in release | Vulnerable |
CVE-2013-6053
Medium priorityOpenJPEG 1.5.1 allows remote attackers to obtain sensitive information via unspecified vectors that trigger a heap-based out-of-bounds read.
1 affected packages
openjpeg
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| openjpeg | — | — | — | Not in release | Not affected |
CVE-2013-6887
Medium priorityOpenJPEG 1.5.1 allows remote attackers to cause a denial of service via unspecified vectors that trigger NULL pointer dereferences, division-by-zero, and other errors.
1 affected packages
openjpeg
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| openjpeg | — | — | — | Not in release | Not affected |