Lucene search
Veracode Vulnerability DatabaseVERACODE:29232HistoryFeb 03, 2021 - 7:31 a.m.
Denial Of Service (DoS)
2021-02-0307:31:02
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
16
0.003 Low
EPSS
Percentile
70.2%
openjpeg2 is vulnerable to denial of service. Excessive iterations in the opj_t1_encode_cblks function in openjp2/t1.c allows remote attackers to cause a denial of service via a malicious bmp file.
| CPE | Name | Operator | Version |
|---|---|---|---|
| openjpeg2 | eq | 2.3.0__8.el8 | |
| openjpeg2 | eq | 2.1.2__1.el7 | |
| openjpeg2 | eq | 2.3.0__6.el7 |
References
access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.1_release_notes/
access.redhat.com/errata/RHBA-2019:3408
bugzilla.redhat.com/show_bug.cgi?id=1542321
github.com/uclouvain/openjpeg/issues/1059
lists.debian.org/debian-lts-announce/2018/12/msg00013.html
usn.ubuntu.com/4109-1/
www.debian.org/security/2019/dsa-4405
www.oracle.com/security-alerts/cpujul2020.html
Related
alpinelinux
alpinelinux
CVE-2018-6616
2018-02-04 22:29:00
CVE-2019-12973
2019-06-26 18:15:10
osv
osv
CVE-2018-6616
2018-02-04 22:29:00
CVE-2019-12973
2019-06-26 18:15:10
openjpeg2 - security update
2018-12-22 00:00:00
redhatcve
redhatcve
CVE-2018-6616
2019-04-11 20:50:14
CVE-2019-12973
2020-04-08 05:22:37
prion
prion
Design/Logic Flaw
2018-02-04 22:29:00
Code injection
2019-06-26 18:15:00
cve
cve
CVE-2018-6616
2018-02-04 22:29:00
CVE-2019-12973
2019-06-26 18:15:10
cvelist
cvelist
CVE-2018-6616
2018-02-04 22:00:00
CVE-2019-12973
2019-06-26 17:07:51
nvd
nvd
CVE-2018-6616
2018-02-04 22:29:00
CVE-2019-12973
2019-06-26 18:15:10
ubuntucve
ubuntucve
CVE-2018-6616
2018-02-04 00:00:00
CVE-2019-12973
2019-06-26 00:00:00
debiancve
debiancve
CVE-2018-6616
2018-02-04 22:29:00
CVE-2019-12973
2019-06-26 18:15:10
openvas
openvas
Huawei EulerOS: Security Advisory for openjpeg2 (EulerOS-SA-2022-1811)
2022-06-07 00:00:00
Huawei EulerOS: Security Advisory for openjpeg2 (EulerOS-SA-2022-1872)
2022-06-16 00:00:00
Mageia: Security Advisory (MGASA-2019-0365)
2022-01-28 00:00:00
nessus
nessus
EulerOS 2.0 SP9 : openjpeg2 (EulerOS-SA-2022-1848)
2022-06-15 00:00:00
EulerOS Virtualization 2.9.0 : openjpeg2 (EulerOS-SA-2022-2204)
2022-07-29 00:00:00
Debian DLA-1614-1 : openjpeg2 security update
2018-12-24 00:00:00
debian
debian
[SECURITY] [DLA 1614-1] openjpeg2 security update
2018-12-22 13:57:35
[SECURITY] [DSA 4405-1] openjpeg2 security update
2019-03-10 14:35:51
[SECURITY] [DSA 4405-1] openjpeg2 security update
2019-03-10 14:35:51
fedora
fedora
[SECURITY] Fedora 29 Update: openjpeg2-2.3.0-10.fc29
2018-12-24 06:08:36
[SECURITY] Fedora 29 Update: mingw-openjpeg2-2.3.0-6.fc29
2018-12-24 06:08:36
[SECURITY] Fedora 28 Update: openjpeg2-2.3.0-10.fc28
2018-12-29 02:26:15
mageia
mageia
Updated openjpeg2 packages fix security vulnerability
2019-12-06 17:15:42
Updated openjpeg2 packages fix security vulnerabilities
2019-01-05 21:30:16
freebsd
freebsd
OpenJPEG -- multiple vulnerabilities
2017-12-08 00:00:00
ubuntu
ubuntu
OpenJPEG vulnerabilities
2019-08-21 00:00:00
cloudfoundry
cloudfoundry
USN-4109-1: OpenJPEG vulnerabilities | Cloud Foundry
2019-08-29 00:00:00
archlinux
archlinux
[ASA-202012-21] openjpeg2: multiple issues
2020-12-09 00:00:00
suse
suse
Security update for openjpeg2 (important)
2022-04-19 00:00:00
amazon
amazon
Medium: openjpeg2
2022-01-18 21:37:00
oracle
oracle
Oracle Critical Patch Update Advisory - July 2020
2020-07-14 00:00:00