Vulnetix
Try Vulnetix Request Demo
CVE-2018-20846 PUBLISHED

Out-of-bounds accesses in the functions pi_next_lrcp, pi_next_rlcp, pi_next_rpcl, pi_next_pcrl, pi_next_rpcl, and pi_next_cprl in openmj2/pi.c in OpenJPEG through 2.3.0 allow remote attackers to cause a denial of service (application crash).

EPSS 0.46% · 63.7th percentile

Risk Scores

EPSS Score
0.46%
63.7th percentile

Affected Products

VendorProductVersions
Ubuntu:16.04:LTSblender2.75.a+dfsg0-2ubuntu3, 2.76.b+dfsg0-3, 2.74+dfsg0-4build2
Ubuntu:18.04:LTSqtwebengine-opensource-src5.9.1+dfsg-4, 0, 5.9.5+dfsg-0ubuntu2
Ubuntu:18.04:LTSemscripten0, 1.22.1-1build1
Ubuntu:22.04:LTSinsighttoolkit40, 4.13.3withdata-dfsg1-4.1, 4.13.3withdata-dfsg2-1ubuntu1
Ubuntu:20.04:LTSqtwebengine-opensource-src5.12.5+dfsg-6ubuntu2, 5.12.5+dfsg-3ubuntu1, 5.12.4+dfsg-1ubuntu3
Ubuntu:16.04:LTSemscripten0, 1.22.1-1build1
Ubuntu:18.04:LTSblender0, 2.79.b+dfsg0-1, 2.78.c+dfsg0-2build1
Ubuntu:22.04:LTSqtwebengine-opensource-src5.15.8+dfsg-2, 5.15.8+dfsg-1build2, 5.15.9+dfsg-1
Ubuntu:20.04:LTSblender2.80+dfsg-3, 2.80+dfsg-3build1, 2.80+dfsg-4
Ubuntu:25.10qtwebengine-opensource-src5.15.19+dfsg-1, 5.15.19+dfsg2-1, 5.15.18+dfsg-2build1
Ubuntu:22.04:LTSemscripten3.1.4~dfsg-7ubuntu1, 3.1.3~dfsg-5ubuntu1, 3.1.3~dfsg-4ubuntu1
Ubuntu:24.04:LTSqtwebengine-opensource-src5.15.16+dfsg-3, 0, 5.15.16+dfsg-1ubuntu2
Ubuntu:20.04:LTSinsighttoolkit44.12.2-dfsg1-4.1ubuntu1, 4.13.2-dfsg1-6ubuntu1, 4.13.2-dfsg1-6
Ubuntu:24.04:LTSemscripten3.1.6~dfsg-6, 3.1.6~dfsg-7, 3.1.6~dfsg-5
Ubuntu:25.10blender4.3.2+dfsg-2ubuntu1, 4.3.2+dfsg-2ubuntu2, 0
Ubuntu:22.04:LTSblender3.0.1+dfsg-7, 2.93.5+dfsg-1build1, 2.93.5+dfsg-1
Ubuntu:24.04:LTStexmaker5.1.3+dfsg-1build8, 5.1.3+dfsg-1build7, 5.1.3+dfsg-1build6
Ubuntu:14.04:LTSopenjpeg0, 1.3+dfsg-4.6ubuntu2, 1.3+dfsg-4.7ubuntu1
Ubuntu:16.04:LTStexmaker4.4.1-1.1, 4.4.1-1, 0
Ubuntu:22.04:LTStexmaker5.0.3-1build9, 5.0.3-1build8, 0

…and 7 more

Timeline

References

Open in Interactive Console →