UBUNTU-CVE-2018-20847

See a problem?
Please try reporting it to the source first.
Source
https://ubuntu.com/security/CVE-2018-20847
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-20847.json
JSON Data
https://api.test.osv.dev/v1/vulns/UBUNTU-CVE-2018-20847
Upstream
Downstream
Related
Published
2019-06-26T18:15:00Z
Modified
2025-07-14T07:14:56.224612Z
Severity
  • 8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
  • Ubuntu - medium
Summary
[none]
Details

An improper computation of ptx0, ptx1, pty0 and pty1 in the function opjgetencoding_parameters in openjp2/pi.c in OpenJPEG through 2.3.0 can lead to an integer overflow.

References

Affected packages

Ubuntu:16.04:LTS / openjpeg2

Package

Name
openjpeg2
Purl
pkg:deb/ubuntu/openjpeg2@2.1.2-1.1+deb9u5build0.16.04.1?arch=source&distro=xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.1.2-1.1+deb9u5build0.16.04.1

Affected versions

2.*

2.1.0-2.1
2.1.0-2.1ubuntu0.1
2.1.2-1.1+deb9u2build0.1
2.1.2-1.1+deb9u3build0.16.04.1

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "libopenjp2-7",
            "binary_version": "2.1.2-1.1+deb9u5build0.16.04.1"
        },
        {
            "binary_name": "libopenjp2-7-dbg",
            "binary_version": "2.1.2-1.1+deb9u5build0.16.04.1"
        },
        {
            "binary_name": "libopenjp2-7-dbgsym",
            "binary_version": "2.1.2-1.1+deb9u5build0.16.04.1"
        },
        {
            "binary_name": "libopenjp2-7-dev",
            "binary_version": "2.1.2-1.1+deb9u5build0.16.04.1"
        },
        {
            "binary_name": "libopenjp2-7-dev-dbgsym",
            "binary_version": "2.1.2-1.1+deb9u5build0.16.04.1"
        },
        {
            "binary_name": "libopenjp2-tools",
            "binary_version": "2.1.2-1.1+deb9u5build0.16.04.1"
        },
        {
            "binary_name": "libopenjp2-tools-dbgsym",
            "binary_version": "2.1.2-1.1+deb9u5build0.16.04.1"
        },
        {
            "binary_name": "libopenjp3d-tools",
            "binary_version": "2.1.2-1.1+deb9u5build0.16.04.1"
        },
        {
            "binary_name": "libopenjp3d-tools-dbgsym",
            "binary_version": "2.1.2-1.1+deb9u5build0.16.04.1"
        },
        {
            "binary_name": "libopenjp3d7",
            "binary_version": "2.1.2-1.1+deb9u5build0.16.04.1"
        },
        {
            "binary_name": "libopenjp3d7-dbgsym",
            "binary_version": "2.1.2-1.1+deb9u5build0.16.04.1"
        },
        {
            "binary_name": "libopenjpip-dec-server",
            "binary_version": "2.1.2-1.1+deb9u5build0.16.04.1"
        },
        {
            "binary_name": "libopenjpip-dec-server-dbgsym",
            "binary_version": "2.1.2-1.1+deb9u5build0.16.04.1"
        },
        {
            "binary_name": "libopenjpip-server",
            "binary_version": "2.1.2-1.1+deb9u5build0.16.04.1"
        },
        {
            "binary_name": "libopenjpip-server-dbgsym",
            "binary_version": "2.1.2-1.1+deb9u5build0.16.04.1"
        },
        {
            "binary_name": "libopenjpip-viewer",
            "binary_version": "2.1.2-1.1+deb9u5build0.16.04.1"
        },
        {
            "binary_name": "libopenjpip7",
            "binary_version": "2.1.2-1.1+deb9u5build0.16.04.1"
        },
        {
            "binary_name": "libopenjpip7-dbgsym",
            "binary_version": "2.1.2-1.1+deb9u5build0.16.04.1"
        }
    ],
    "availability": "No subscription required"
}

Ubuntu:Pro:16.04:LTS / blender

Package

Name
blender
Purl
pkg:deb/ubuntu/blender@2.76.b+dfsg0-3build1?arch=source&distro=esm-apps/xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.74+dfsg0-4build2
2.75.a+dfsg0-2ubuntu2
2.75.a+dfsg0-2ubuntu3
2.76.b+dfsg0-3
2.76.b+dfsg0-3build1

Ubuntu:Pro:16.04:LTS / emscripten

Package

Name
emscripten
Purl
pkg:deb/ubuntu/emscripten@1.22.1-1build1?arch=source&distro=esm-apps/xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*

1.22.1-1build1

Ubuntu:Pro:16.04:LTS / insighttoolkit4

Package

Name
insighttoolkit4
Purl
pkg:deb/ubuntu/insighttoolkit4@4.9.0-4ubuntu1.1?arch=source&distro=esm-apps/xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

4.*

4.8.1-1ubuntu3
4.8.1-1ubuntu4
4.8.2-3.1ubuntu1
4.9.0-3ubuntu2
4.9.0-4ubuntu1
4.9.0-4ubuntu1.1

Ubuntu:Pro:16.04:LTS / texmaker

Package

Name
texmaker
Purl
pkg:deb/ubuntu/texmaker@4.4.1-1.1?arch=source&distro=esm-apps/xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

4.*

4.4.1-1
4.4.1-1.1

Ubuntu:Pro:18.04:LTS / blender

Package

Name
blender
Purl
pkg:deb/ubuntu/blender@2.79.b+dfsg0-1ubuntu1.18.04.1?arch=source&distro=esm-apps/bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.78.c+dfsg0-2build1
2.79+dfsg0-2build1
2.79+dfsg0-3
2.79+dfsg0-3build1
2.79.b+dfsg0-1
2.79.b+dfsg0-1ubuntu1.18.04.1

Ubuntu:Pro:18.04:LTS / emscripten

Package

Name
emscripten
Purl
pkg:deb/ubuntu/emscripten@1.22.1-1build1?arch=source&distro=esm-apps/bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*

1.22.1-1build1

Ubuntu:Pro:18.04:LTS / insighttoolkit4

Package

Name
insighttoolkit4
Purl
pkg:deb/ubuntu/insighttoolkit4@4.12.2-dfsg1-1ubuntu1?arch=source&distro=esm-apps/bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

4.*

4.12.2-dfsg1-1ubuntu1

Ubuntu:Pro:18.04:LTS / qtwebengine-opensource-src

Package

Name
qtwebengine-opensource-src
Purl
pkg:deb/ubuntu/qtwebengine-opensource-src@5.9.5+dfsg-0ubuntu2?arch=source&distro=esm-apps/bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

5.*

5.9.1+dfsg-4
5.9.1+dfsg-4ubuntu1
5.9.2+dfsg-2ubuntu1
5.9.3+dfsg-0ubuntu1
5.9.4+dfsg-0ubuntu1
5.9.5+dfsg-0ubuntu2

Ubuntu:Pro:18.04:LTS / texmaker

Package

Name
texmaker
Purl
pkg:deb/ubuntu/texmaker@5.0.2-1build2?arch=source&distro=esm-apps/bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

4.*

4.5-1

5.*

5.0.2-1
5.0.2-1build1
5.0.2-1build2

Ubuntu:Pro:20.04:LTS / blender

Package

Name
blender
Purl
pkg:deb/ubuntu/blender@2.82.a+dfsg-1?arch=source&distro=esm-apps/focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.80+dfsg-3
2.80+dfsg-3build1
2.80+dfsg-4
2.81.a+dfsg-5build3
2.82+dfsg-1
2.82+dfsg-1build1
2.82.a+dfsg-1

Ubuntu:Pro:20.04:LTS / insighttoolkit4

Package

Name
insighttoolkit4
Purl
pkg:deb/ubuntu/insighttoolkit4@4.13.2-dfsg1-8?arch=source&distro=esm-apps/focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

4.*

4.12.2-dfsg1-4.1ubuntu1
4.13.2-dfsg1-1ubuntu1
4.13.2-dfsg1-4ubuntu1
4.13.2-dfsg1-6
4.13.2-dfsg1-6ubuntu1
4.13.2-dfsg1-8

Ubuntu:Pro:20.04:LTS / qtwebengine-opensource-src

Package

Name
qtwebengine-opensource-src
Purl
pkg:deb/ubuntu/qtwebengine-opensource-src@5.12.8+dfsg-0ubuntu1.1?arch=source&distro=esm-apps/focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

5.*

5.12.4+dfsg-1ubuntu1
5.12.4+dfsg-1ubuntu3
5.12.5+dfsg-3ubuntu1
5.12.5+dfsg-6ubuntu2
5.12.5+dfsg-7
5.12.5+dfsg-7build1
5.12.8+dfsg-0ubuntu1
5.12.8+dfsg-0ubuntu1.1

Ubuntu:Pro:20.04:LTS / texmaker

Package

Name
texmaker
Purl
pkg:deb/ubuntu/texmaker@5.0.3-1build5?arch=source&distro=esm-apps/focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

5.*

5.0.3-1build2
5.0.3-1build3
5.0.3-1build4
5.0.3-1build5

Ubuntu:22.04:LTS / blender

Package

Name
blender
Purl
pkg:deb/ubuntu/blender@3.0.1+dfsg-7?arch=source&distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.93.3+dfsg-3
2.93.5+dfsg-1
2.93.5+dfsg-1build1

3.*

3.0.1+dfsg-7

Ubuntu:22.04:LTS / emscripten

Package

Name
emscripten
Purl
pkg:deb/ubuntu/emscripten@3.1.5~dfsg-3ubuntu1?arch=source&distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.0.13~dfsg-1

3.*

3.1.1~dfsg+~1.39.6-5ubuntu4
3.1.2~dfsg+~1.39.6-6ubuntu1
3.1.3~dfsg-4ubuntu1
3.1.3~dfsg-5ubuntu1
3.1.4~dfsg-7ubuntu1
3.1.5~dfsg-3ubuntu1

Ubuntu:22.04:LTS / insighttoolkit4

Package

Name
insighttoolkit4
Purl
pkg:deb/ubuntu/insighttoolkit4@4.13.3withdata-dfsg2-1ubuntu1?arch=source&distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

4.*

4.13.3withdata-dfsg1-4.1
4.13.3withdata-dfsg2-1ubuntu1

Ubuntu:22.04:LTS / qtwebengine-opensource-src

Package

Name
qtwebengine-opensource-src
Purl
pkg:deb/ubuntu/qtwebengine-opensource-src@5.15.9+dfsg-1?arch=source&distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

5.*

5.15.6+dfsg-1
5.15.6+dfsg-2
5.15.7+dfsg-2
5.15.8+dfsg-1
5.15.8+dfsg-1build1
5.15.8+dfsg-1build2
5.15.8+dfsg-2
5.15.9+dfsg-1

Ubuntu:22.04:LTS / texmaker

Package

Name
texmaker
Purl
pkg:deb/ubuntu/texmaker@5.0.3-1build9?arch=source&distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

5.*

5.0.3-1build8
5.0.3-1build9

Ubuntu:24.04:LTS / blender

Package

Name
blender
Purl
pkg:deb/ubuntu/blender@4.0.2+dfsg-1ubuntu8?arch=source&distro=noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

3.*

3.6.2+dfsg-2ubuntu1
3.6.2+dfsg-2ubuntu2

4.*

4.0.2+dfsg-1ubuntu1
4.0.2+dfsg-1ubuntu2
4.0.2+dfsg-1ubuntu4
4.0.2+dfsg-1ubuntu6
4.0.2+dfsg-1ubuntu7
4.0.2+dfsg-1ubuntu8

Ubuntu:24.04:LTS / emscripten

Package

Name
emscripten
Purl
pkg:deb/ubuntu/emscripten@3.1.6~dfsg-7?arch=source&distro=noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

3.*

3.1.6~dfsg-5
3.1.6~dfsg-6
3.1.6~dfsg-7

Ubuntu:24.04:LTS / qtwebengine-opensource-src

Package

Name
qtwebengine-opensource-src
Purl
pkg:deb/ubuntu/qtwebengine-opensource-src@5.15.16+dfsg-3?arch=source&distro=noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

5.*

5.15.15+dfsg-2
5.15.15+dfsg-2build2
5.15.15+dfsg-2ubuntu1
5.15.16+dfsg-1
5.15.16+dfsg-1ubuntu2
5.15.16+dfsg-1ubuntu4
5.15.16+dfsg-3

Ubuntu:24.04:LTS / texmaker

Package

Name
texmaker
Purl
pkg:deb/ubuntu/texmaker@5.1.3+dfsg-1build8?arch=source&distro=noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

5.*

5.1.3+dfsg-1build4
5.1.3+dfsg-1build5
5.1.3+dfsg-1build6
5.1.3+dfsg-1build7
5.1.3+dfsg-1build8

Ubuntu:25.04 / blender

Package

Name
blender
Purl
pkg:deb/ubuntu/blender@4.3.2+dfsg-2?arch=source&distro=plucky

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

4.*

4.2.1+dfsg-1
4.2.3+dfsg-3
4.3.0+dfsg-1ubuntu1
4.3.0+dfsg-1ubuntu3
4.3.2+dfsg-1ubuntu1
4.3.2+dfsg-2

Ubuntu:25.04 / emscripten

Package

Name
emscripten
Purl
pkg:deb/ubuntu/emscripten@3.1.69+dfsg-1?arch=source&distro=plucky

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

3.*

3.1.6~dfsg-9
3.1.69+dfsg-1

Ubuntu:25.04 / qtwebengine-opensource-src

Package

Name
qtwebengine-opensource-src
Purl
pkg:deb/ubuntu/qtwebengine-opensource-src@5.15.18+dfsg-2?arch=source&distro=plucky

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

5.*

5.15.17+dfsg-4
5.15.17+dfsg-5
5.15.17+dfsg2-1
5.15.17+dfsg2-2
5.15.17+dfsg2-3
5.15.18+dfsg-1
5.15.18+dfsg-2

Ubuntu:25.04 / texmaker

Package

Name
texmaker
Purl
pkg:deb/ubuntu/texmaker@5.1.3+dfsg-3?arch=source&distro=plucky

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

5.*

5.1.3+dfsg-2build1
5.1.3+dfsg-3