CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-1122 – openjpeg: segmentation fault in opj2_decompress due to uninitialized pointer
https://notcve.org/view.php?id=CVE-2022-1122
A flaw was found in the opj2_decompress program in openjpeg2 2.4.0 in the way it handles an input directory with a large number of files. When it fails to allocate a buffer to store the filenames of the input directory, it calls free() on an uninitialized pointer, leading to a segmentation fault and a denial of service. Se ha encontrado un fallo en el programa opj2_decompress de openjpeg2 versión 2.4.0, en la forma en que maneja un directorio de entrada con un gran número de archivos. Cuando no asigna un búfer para almacenar los nombres de los archivos del directorio de entrada, llama a free() sobre un puntero no inicializado, conllevando a un fallo de segmentación y una denegación de servicio A flaw was found in the opj2_decompress program in openjpeg2 in the way it handles an input directory with a large number of files. When it fails to allocate a buffer to store the filenames of the input directory, it calls free() on an uninitialized pointer, leading to a segmentation fault and a denial of service. • https://github.com/uclouvain/openjpeg/issues/1368 https://lists.debian.org/debian-lts-announce/2022/04/msg00006.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MIWSQFQWXDU4MT3XTVAO6HC7TVL3NHS7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RMKBAMK2CAM5TMC5TODKVCE5AAPTD5YV https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ROSN5NRUFOH7HGLJ4ZSKPGAKLFXJALW4 https://security.gentoo.org/glsa/202209-04 https: • CWE-665: Improper Initialization CWE-824: Access of Uninitialized Pointer •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 1CVE-2021-3575 – openjpeg: heap-buffer-overflow in color.c may lead to DoS or arbitrary code execution
https://notcve.org/view.php?id=CVE-2021-3575
A heap-based buffer overflow was found in openjpeg in color.c:379:42 in sycc420_to_rgb when decompressing a crafted .j2k file. An attacker could use this to execute arbitrary code with the permissions of the application compiled against openjpeg. Se encontró un desbordamiento de búfer en la región heap de la memoria en openjpeg en color.c:379:42 en sycc420_to_rgb cuando es descomprimido un archivo .j2k diseñado. Un atacante podría usar esto para ejecutar código arbitrario con los permisos de la aplicación compilada contra openjpeg A heap-based buffer overflow was found in OpenJPEG. This flaw allows an attacker to execute arbitrary code with the permissions of the application compiled against OpenJPEG. • https://bugzilla.redhat.com/show_bug.cgi?id=1957616 https://github.com/uclouvain/openjpeg/issues/1347 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZ54FGM2IGAP4AWSJ22JKHOPHCR3FGYU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QB6AI7CWXWMEDZIQY4LQ6DMIEXMDOHUP https://ubuntu.com/security/CVE-2021-3575 https://access.redhat.com/security/cve/CVE-2021-3575 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2020-27823 – openjpeg: heap-buffer-overflow write in opj_tcd_dc_level_shift_encode()
https://notcve.org/view.php?id=CVE-2020-27823
A flaw was found in OpenJPEG’s encoder. This flaw allows an attacker to pass specially crafted x,y offset input to OpenJPEG to use during encoding. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. Se encontró un fallo en el codificador de OpenJPEG. Este fallo permite a un atacante pasar una entrada de desplazamiento x,y especialmente diseñada a OpenJPEG para usarla durante la codificación. • https://bugzilla.redhat.com/show_bug.cgi?id=1905762 https://lists.debian.org/debian-lts-announce/2021/02/msg00011.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OQR4EWRFFZQDMFPZKFZ6I3USLMW6TKTP https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WJUPGIZE6A4O52EBOF75MCXJOL6MUCRV https://www.debian.org/security/2021/dsa-4882 https://access.redhat.com/security/cve/CVE-2020-27823 • CWE-20: Improper Input Validation CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2020-27824 – openjpeg: global-buffer-overflow read in opj_dwt_calc_explicit_stepsizes()
https://notcve.org/view.php?id=CVE-2020-27824
A flaw was found in OpenJPEG’s encoder in the opj_dwt_calc_explicit_stepsizes() function. This flaw allows an attacker who can supply crafted input to decomposition levels to cause a buffer overflow. The highest threat from this vulnerability is to system availability. Se encontró un fallo en el codificador de OpenJPEG en la función opj_dwt_calc_explicit_stepsizes(). Este fallo permite a un atacante que puede suministrar una entrada diseñada a niveles de descomposición para causar un desbordamiento del búfer. • https://bugzilla.redhat.com/show_bug.cgi?id=1905723 https://lists.debian.org/debian-lts-announce/2021/02/msg00011.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OQR4EWRFFZQDMFPZKFZ6I3USLMW6TKTP https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WJUPGIZE6A4O52EBOF75MCXJOL6MUCRV https://www.debian.org/security/2021/dsa-4882 https://www.oracle.com/security-alerts/cpuoct2021.html https://access.redhat.com/security/cve/CVE-2020- • CWE-20: Improper Input Validation CWE-125: Out-of-bounds Read •
CVSS: 6.2EPSS: 0%CPEs: 4EXPL: 1CVE-2021-29338 – openjpeg: out-of-bounds write due to an integer overflow in opj_compress.c
https://notcve.org/view.php?id=CVE-2021-29338
Integer Overflow in OpenJPEG v2.4.0 allows remote attackers to crash the application, causing a Denial of Service (DoS). This occurs when the attacker uses the command line option "-ImgDir" on a directory that contains 1048576 files. Integer Overflow en OpenJPEG versión v2.4.0 permite a atacantes remotos bloquear la aplicación, causando una denegación de servicio (DoS). Esto ocurre cuando el atacante usa la opción de línea de comando "-ImgDir" en un directorio que contiene 1048576 archivos There is a flaw in the opj2_compress program in openjpeg2. An attacker who is able to submit a large number of image files to be processed in a directory by opj2_compress, could trigger a heap out-of-bounds write due to an integer overflow, which is caused by the large number of image files. • https://github.com/uclouvain/openjpeg/issues/1338 https://lists.debian.org/debian-lts-announce/2022/04/msg00006.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZ54FGM2IGAP4AWSJ22JKHOPHCR3FGYU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QB6AI7CWXWMEDZIQY4LQ6DMIEXMDOHUP https://security.gentoo.org/glsa/202209-04 https://access.redhat.com/security/cve/CVE-2021-29338 https://bugzilla.redhat.com/show_bug.cgi?id=1950101 • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •