Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

41 – 50 of 90 results


CVE-2017-17479

Medium priority

Some fixes available 3 of 8

In OpenJPEG 2.3.0, a stack-based buffer overflow was discovered in the pgxtoimage function in jpwl/convert.c. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service or possibly remote code execution.

2 affected packages

openjpeg, openjpeg2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
openjpeg Not in release Not in release Not in release Not in release Fixed
openjpeg2 Not affected Not affected Not affected Fixed Fixed
Show less packages

CVE-2017-17480

Medium priority

Some fixes available 2 of 6

In OpenJPEG 2.3.0, a stack-based buffer overflow was discovered in the pgxtovolume function in jp3d/convert.c. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service or possibly remote code execution.

2 affected packages

openjpeg, openjpeg2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
openjpeg Not in release Not in release Not in release Not affected
openjpeg2 Not affected Not affected Fixed Fixed
Show less packages

CVE-2015-1239

Medium priority
Fixed

Double free vulnerability in the j2k_read_ppm_v3 function in OpenJPEG before r2997, as used in PDFium in Google Chrome, allows remote attackers to cause a denial of service (process crash) via a crafted PDF.

2 affected packages

openjpeg, openjpeg2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
openjpeg Not in release Not in release Not in release Not affected
openjpeg2 Not affected Not affected Not affected Fixed
Show less packages

CVE-2017-14164

Low priority

Some fixes available 1 of 3

A size-validation issue was discovered in opj_j2k_write_sot in lib/openjp2/j2k.c in OpenJPEG 2.2.0. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service (heap-based buffer overflow affecting...

2 affected packages

openjpeg, openjpeg2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
openjpeg Not in release Not affected
openjpeg2 Not affected Fixed
Show less packages

CVE-2017-14152

Medium priority

Some fixes available 2 of 3

A mishandled zero case was discovered in opj_j2k_set_cinema_parameters in lib/openjp2/j2k.c in OpenJPEG 2.2.0. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service (heap-based buffer overflow...

2 affected packages

openjpeg, openjpeg2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
openjpeg Not in release Not affected
openjpeg2 Not affected Fixed
Show less packages

CVE-2017-14151

Medium priority

Some fixes available 3 of 4

An off-by-one error was discovered in opj_tcd_code_block_enc_allocate_data in lib/openjp2/tcd.c in OpenJPEG 2.2.0. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service (heap-based buffer...

2 affected packages

openjpeg, openjpeg2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
openjpeg Not in release Not affected
openjpeg2 Fixed Fixed
Show less packages

CVE-2017-14041

Medium priority

Some fixes available 6 of 7

A stack-based buffer overflow was discovered in the pgxtoimage function in bin/jp2/convert.c in OpenJPEG 2.2.0. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service or possibly remote code execution.

2 affected packages

openjpeg, openjpeg2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
openjpeg Not in release Not affected
openjpeg2 Fixed Fixed
Show less packages

CVE-2017-14040

Medium priority

Some fixes available 6 of 7

An invalid write access was discovered in bin/jp2/convert.c in OpenJPEG 2.2.0, triggering a crash in the tgatoimage function. The vulnerability may lead to remote denial of service or possibly unspecified other impact.

2 affected packages

openjpeg, openjpeg2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
openjpeg Not in release Not affected
openjpeg2 Fixed Fixed
Show less packages

CVE-2017-14039

Medium priority

Some fixes available 6 of 7

A heap-based buffer overflow was discovered in the opj_t2_encode_packet function in lib/openjp2/t2.c in OpenJPEG 2.2.0. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service or...

2 affected packages

openjpeg, openjpeg2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
openjpeg Not in release Not affected
openjpeg2 Fixed Fixed
Show less packages

CVE-2016-10507

Medium priority

Some fixes available 1 of 3

Integer overflow vulnerability in the bmp24toimage function in convertbmp.c in OpenJPEG before 2.2.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted bmp file.

2 affected packages

openjpeg, openjpeg2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
openjpeg Not in release Not affected
openjpeg2 Not affected Fixed
Show less packages