Information on source package openjpeg2

Available versions

ReleaseVersion
jessie2.1.0-2+deb8u14
stretch2.1.2-1.1+deb9u7
buster2.3.0-2+deb10u2
bullseye2.4.0-3
bookworm2.5.0-2
trixie2.5.0-2
sid2.5.0-2

Open issues

BugjessiestretchbusterbullseyebookwormtrixiesidDescription
CVE-2023-39329vulnerable (no DSA, postponed)vulnerable (no DSA, postponed)vulnerable (no DSA, postponed)vulnerable (no DSA)vulnerable (no DSA, postponed)vulnerablevulnerableA flaw was found in OpenJPEG. A resource exhaustion can occur in the o ...
CVE-2023-39328vulnerable (no DSA, postponed)vulnerable (no DSA, postponed)vulnerable (no DSA, postponed)vulnerable (no DSA)vulnerable (no DSA, postponed)vulnerablevulnerableA vulnerability was found in OpenJPEG similar to CVE-2019-6988. This f ...
CVE-2023-39327vulnerable (no DSA, postponed)vulnerable (no DSA, postponed)vulnerable (no DSA, postponed)vulnerable (no DSA)vulnerable (no DSA, postponed)vulnerablevulnerableA flaw was found in OpenJPEG. Maliciously constructed pictures can cau ...
CVE-2022-1122fixedfixedvulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedA flaw was found in the opj2_decompress program in openjpeg2 2.4.0 in ...
CVE-2021-29338fixedfixedvulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedInteger Overflow in OpenJPEG v2.4.0 allows remote attackers to crash t ...
CVE-2021-3575vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)vulnerablevulnerableA heap-based buffer overflow was found in openjpeg in color.c:379:42 i ...
CVE-2019-12973fixedfixedvulnerable (no DSA, ignored)fixedfixedfixedfixedIn OpenJPEG 2.3.1, there is excessive iteration in the opj_t1_encode_c ...
CVE-2019-6988vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerablevulnerableAn issue was discovered in OpenJPEG 2.3.0. It allows remote attackers ...
CVE-2016-3183vulnerable (no DSA)fixedfixedfixedfixedfixedfixedThe sycc422_t_rgb function in common/color.c in OpenJPEG before 2.1.1 ...
CVE-2016-1923vulnerable (no DSA)fixedfixedfixedfixedfixedfixedHeap-based buffer overflow in the opj_j2k_update_image_data function i ...
CVE-2014-7947vulnerable (no DSA)fixedfixedfixedfixedfixedfixedOpenJPEG before r2944, as used in PDFium in Google Chrome before 40.0. ...

Open unimportant issues

BugjessiestretchbusterbullseyebookwormtrixiesidDescription
CVE-2018-20846vulnerablevulnerablevulnerablevulnerablevulnerablevulnerablevulnerableOut-of-bounds accesses in the functions pi_next_lrcp, pi_next_rlcp, pi ...
CVE-2018-20845vulnerablevulnerablevulnerablefixedfixedfixedfixedDivision-by-zero vulnerabilities in the functions pi_next_pcrl, pi_nex ...
CVE-2018-16376vulnerablevulnerablevulnerablevulnerablevulnerablevulnerablevulnerableAn issue was discovered in OpenJPEG 2.3.0. A heap-based buffer overflo ...
CVE-2018-16375vulnerablevulnerablevulnerablevulnerablevulnerablevulnerablevulnerableAn issue was discovered in OpenJPEG 2.3.0. Missing checks for header_i ...
CVE-2018-7648vulnerablevulnerablevulnerablefixedfixedfixedfixedAn issue was discovered in mj2/opj_mj2_extract.c in OpenJPEG 2.3.0. Th ...
CVE-2018-5727vulnerablevulnerablevulnerablefixedfixedfixedfixedIn OpenJPEG 2.3.0, there is an integer overflow vulnerability in the o ...
CVE-2017-17479vulnerablevulnerablevulnerablevulnerablevulnerablevulnerablevulnerableIn OpenJPEG 2.3.0, a stack-based buffer overflow was discovered in the ...
CVE-2017-12982vulnerablevulnerablefixedfixedfixedfixedfixedThe bmp_read_info_header function in bin/jp2/convertbmp.c in OpenJPEG ...
CVE-2016-10506vulnerablevulnerablevulnerablevulnerablevulnerablevulnerablevulnerableDivision-by-zero vulnerabilities in the functions opj_pi_next_cprl, op ...
CVE-2016-10505vulnerablevulnerablevulnerablevulnerablevulnerablevulnerablevulnerableNULL pointer dereference vulnerabilities in the imagetopnm function in ...
CVE-2016-9581vulnerablevulnerablevulnerablevulnerablevulnerablevulnerablevulnerableAn infinite loop vulnerability in tiftoimage that results in heap buff ...
CVE-2016-9580vulnerablevulnerablevulnerablevulnerablevulnerablevulnerablevulnerableAn integer overflow vulnerability was found in tiftoimage function in ...
CVE-2016-9117vulnerablevulnerablevulnerablevulnerablevulnerablevulnerablevulnerableNULL Pointer Access in function imagetopnm of convert.c(jp2):1289 in O ...
CVE-2016-9116vulnerablevulnerablevulnerablevulnerablevulnerablevulnerablevulnerableNULL Pointer Access in function imagetopnm of convert.c:2226(jp2) in O ...
CVE-2016-9115vulnerablevulnerablevulnerablevulnerablevulnerablevulnerablevulnerableHeap Buffer Over-read in function imagetotga of convert.c(jp2):942 in ...
CVE-2016-9114vulnerablevulnerablevulnerablevulnerablevulnerablevulnerablevulnerableThere is a NULL Pointer Access in function imagetopnm of convert.c:194 ...
CVE-2016-9113vulnerablevulnerablevulnerablevulnerablevulnerablevulnerablevulnerableThere is a NULL pointer dereference in function imagetobmp of convertb ...
CVE-2016-7445vulnerablefixedfixedfixedfixedfixedfixedconvert.c in OpenJPEG before 2.1.2 allows remote attackers to cause a ...

Resolved issues

BugDescription
CVE-2020-27845There's a flaw in src/lib/openjp2/pi.c of openjpeg in versions prior t ...
CVE-2020-27844A flaw was found in openjpeg's src/lib/openjp2/t2.c in versions prior ...
CVE-2020-27843A flaw was found in OpenJPEG in versions prior to 2.4.0. This flaw all ...
CVE-2020-27842There's a flaw in openjpeg's t2 encoder in versions prior to 2.4.0. An ...
CVE-2020-27841There's a flaw in openjpeg in versions prior to 2.4.0 in src/lib/openj ...
CVE-2020-27824A flaw was found in OpenJPEG\u2019s encoder in the opj_dwt_calc_explic ...
CVE-2020-27823A flaw was found in OpenJPEG\u2019s encoder. This flaw allows an attac ...
CVE-2020-27814A heap-buffer overflow was found in the way openjpeg2 handled certain ...
CVE-2020-15389jp2/opj_decompress.c in OpenJPEG through 2.3.1 has a use-after-free th ...
CVE-2020-8112opj_t1_clbl_decode_processor in openjp2/t1.c in OpenJPEG 2.3.1 through ...
CVE-2020-6851OpenJPEG through 2.3.1 has a heap-based buffer overflow in opj_t1_clbl ...
CVE-2018-21010OpenJPEG before 2.3.1 has a heap buffer overflow in color_apply_icc_pr ...
CVE-2018-20847An improper computation of p_tx0, p_tx1, p_ty0 and p_ty1 in the functi ...
CVE-2018-18088OpenJPEG 2.3.0 has a NULL pointer dereference for "red" in the imageto ...
CVE-2018-14423Division-by-zero vulnerabilities in the functions pi_next_pcrl, pi_nex ...
CVE-2018-6616In OpenJPEG 2.3.0, there is excessive iteration in the opj_t1_encode_c ...
CVE-2018-5785In OpenJPEG 2.3.0, there is an integer overflow caused by an out-of-bo ...
CVE-2017-17480In OpenJPEG 2.3.0, a stack-based buffer overflow was discovered in the ...
CVE-2017-14164A size-validation issue was discovered in opj_j2k_write_sot in lib/ope ...
CVE-2017-14152A mishandled zero case was discovered in opj_j2k_set_cinema_parameters ...
CVE-2017-14151An off-by-one error was discovered in opj_tcd_code_block_enc_allocate_ ...
CVE-2017-14041A stack-based buffer overflow was discovered in the pgxtoimage functio ...
CVE-2017-14040An invalid write access was discovered in bin/jp2/convert.c in OpenJPE ...
CVE-2017-14039A heap-based buffer overflow was discovered in the opj_t2_encode_packe ...
CVE-2016-10507Integer overflow vulnerability in the bmp24toimage function in convert ...
CVE-2016-10504Heap-based buffer overflow vulnerability in the opj_mqc_byteout functi ...
CVE-2016-9573An out-of-bounds read vulnerability was found in OpenJPEG 2.1.2, in th ...
CVE-2016-9572A NULL pointer dereference flaw was found in the way openjpeg 2.1.2 de ...
CVE-2016-9118Heap Buffer Overflow (WRITE of size 4) in function pnmtoimage of conve ...
CVE-2016-9112Floating Point Exception (aka FPE or divide by zero) in opj_pi_next_cp ...
CVE-2016-8332A buffer overflow in OpenJPEG 2.1.1 causes arbitrary code execution wh ...
CVE-2016-7163Integer overflow in the opj_pi_create_decode function in pi.c in OpenJ ...
CVE-2016-5159Multiple integer overflows in OpenJPEG, as used in PDFium in Google Ch ...
CVE-2016-5158Multiple integer overflows in the opj_tcd_init_tile function in tcd.c ...
CVE-2016-5157Heap-based buffer overflow in the opj_dwt_interleave_v function in dwt ...
CVE-2016-5152Integer overflow in the opj_tcd_get_decoded_tile_size function in tcd. ...
CVE-2016-5139Multiple integer overflows in the opj_tcd_init_tile function in tcd.c ...
CVE-2016-4797Divide-by-zero vulnerability in the opj_tcd_init_tile function in tcd. ...
CVE-2016-4796Heap-based buffer overflow in the color_cmyk_to_rgb in common/color.c ...
CVE-2016-3182The color_esycc_to_rgb function in bin/common/color.c in OpenJPEG befo ...
CVE-2016-1924The opj_tgt_reset function in OpenJpeg 2016.1.18 allows remote attacke ...
CVE-2016-1628pi.c in OpenJPEG, as used in PDFium in Google Chrome before 48.0.2564. ...
CVE-2016-1626The opj_pi_update_decode_poc function in pi.c in OpenJPEG, as used in ...
CVE-2015-8871Use-after-free vulnerability in the opj_j2k_write_mco function in j2k. ...
CVE-2015-6581Double free vulnerability in the opj_j2k_copy_default_tcp_and_create_t ...
CVE-2015-1239Double free vulnerability in the j2k_read_ppm_v3 function in OpenJPEG ...

Security announcements

DSA / DLADescription
ELA-615-1openjpeg2 - security update
ELA-596-1openjpeg2 - security update
DLA-2975-1openjpeg2 - security update
DSA-4882-1openjpeg2 - security update
ELA-373-1openjpeg2 - security update
DLA-2550-1openjpeg2 - security update
ELA-241-1openjpeg2 - security update
DLA-2277-1openjpeg2 - security update
DLA-2089-1openjpeg2 - security update
DLA-2081-1openjpeg2 - security update
DLA-1950-1openjpeg2 - security update
DLA-1851-1openjpeg2 - security update
DSA-4405-1openjpeg2 - security update
DLA-1614-1openjpeg2 - security update
DLA-1579-1openjpeg2 - security update
DLA-1433-1openjpeg2 - security update
DSA-4013-1openjpeg2 - security update
DSA-3768-1openjpeg2 - security update
DSA-3665-1openjpeg2 - security update

Search for package or bug name: Reporting problems