DEBIAN-CVE-2016-9116

DEBIAN-CVE-2016-9116 PUBLISHED CVSS 6.5 MEDIUM

NULL Pointer Access in function imagetopnm of convert.c:2226(jp2) in OpenJPEG 2.1.2. Impact is Denial of Service. Someone must open a crafted j2k file.

Risk Scores

CVSS v3.0

6.5

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Affected Products

Vendor	Product	Versions
Debian:11	openjpeg2	2.4.0-3, 2.4.0-3+deb11u1, 2.4.0-4
Debian:12	openjpeg2	2.5.3-2.1~deb13u1, 2.5.0-2, 2.5.0-2
Debian:13	openjpeg2	0, 2.5.3-2, 2.5.3-2.1
Debian:14	openjpeg2	0, 2.5.3-2, 2.5.3-2.1

Timeline

Oct 30, 2016 CVE Published
Apr 28, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2016-9116 advisory

Open in Interactive Console →