It was discovered that OpenJPEG incorrectly handled certain image files. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2016-9112)
It was discovered that OpenJPEG did not properly handle certain input. If OpenJPEG were supplied with specially crafted input, it could be made to crash or potentially execute arbitrary code. (CVE-2018-20847, CVE-2018-21010, CVE-2020-6851, CVE-2020-8112, CVE-2020-15389)
It was discovered that OpenJPEG incorrectly handled certain BMP files. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2019-12973)
{ "availability": "No subscription required", "binaries": [ { "libopenjpip-dec-server-dbgsym": "2.1.2-1.1+deb9u5build0.16.04.1", "libopenjp2-tools": "2.1.2-1.1+deb9u5build0.16.04.1", "libopenjpip7": "2.1.2-1.1+deb9u5build0.16.04.1", "libopenjp2-7-dev-dbgsym": "2.1.2-1.1+deb9u5build0.16.04.1", "libopenjp2-7": "2.1.2-1.1+deb9u5build0.16.04.1", "libopenjp2-tools-dbgsym": "2.1.2-1.1+deb9u5build0.16.04.1", "libopenjp2-7-dbg": "2.1.2-1.1+deb9u5build0.16.04.1", "libopenjpip-server": "2.1.2-1.1+deb9u5build0.16.04.1", "libopenjp2-7-dev": "2.1.2-1.1+deb9u5build0.16.04.1", "libopenjpip-server-dbgsym": "2.1.2-1.1+deb9u5build0.16.04.1", "libopenjp3d7-dbgsym": "2.1.2-1.1+deb9u5build0.16.04.1", "libopenjp3d7": "2.1.2-1.1+deb9u5build0.16.04.1", "libopenjp2-7-dbgsym": "2.1.2-1.1+deb9u5build0.16.04.1", "libopenjp3d-tools-dbgsym": "2.1.2-1.1+deb9u5build0.16.04.1", "libopenjpip7-dbgsym": "2.1.2-1.1+deb9u5build0.16.04.1", "libopenjpip-dec-server": "2.1.2-1.1+deb9u5build0.16.04.1", "libopenjp3d-tools": "2.1.2-1.1+deb9u5build0.16.04.1", "libopenjpip-viewer": "2.1.2-1.1+deb9u5build0.16.04.1" } ] }