VDB
DEBIAN-CVE-2016-10505
DEBIAN-CVE-2016-10505
PUBLISHED
CVSS 6.5 MEDIUM
NULL pointer dereference vulnerabilities in the imagetopnm function in convert.c, sycc444_to_rgb function in color.c, color_esycc_to_rgb function in color.c, and sycc422_to_rgb function in color.c in OpenJPEG before 2.2.0 allow remote attackers to cause a denial of service (application crash) via crafted j2k files.
Risk Scores
CVSS v3.0
6.5
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:11 | openjpeg2 | 2.5.3-2.1, 2.4.0-3+deb11u1, 2.4.0-3+deb11u2 |
| Debian:13 | openjpeg2 | 0, 2.5.3-2, 2.5.3-2.1 |
| Debian:12 | openjpeg2 | 2.5.4-1, 2.5.0-2, 2.5.0-2 |
| Debian:14 | openjpeg2 | 0, 2.5.3-2, 2.5.3-2.1 |
Timeline
- Aug 30, 2017 CVE Published
- Apr 28, 2026 CVE Updated