DEBIAN-CVE-2016-9115

DEBIAN-CVE-2016-9115 PUBLISHED CVSS 6.5 MEDIUM

Heap Buffer Over-read in function imagetotga of convert.c(jp2):942 in OpenJPEG 2.1.2. Impact is Denial of Service. Someone must open a crafted j2k file.

Risk Scores

CVSS 3.0

6.5

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Affected Products

Vendor	Product	Versions
Debian:13	openjpeg2	2.5.3-2.1, 2.5.4-1, 2.5.3-2.1~deb13u1
Debian:11	openjpeg2	2.4.0-3+deb11u2, 2.4.0-3, 0
Debian:14	openjpeg2	2.5.4-1, 0, 2.5.3-2
Debian:12	openjpeg2	2.5.3-2.1~deb13u1, 2.5.3-2.1, 2.5.3-2

Timeline

Oct 30, 2016 CVE Published
Apr 28, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2016-9115 advisory

Open in Interactive Console →