VDB
GCVE-110-MAGEIA-2019-4
GCVE-110-MAGEIA-2019-4
Advisory Published
A stack-based buffer overflow in the pgxtoimage function in
jpwl/convert.c could crash the converter (CVE-2017-17479).
A stack-based buffer overflow in the pgxtovolume function in
jp3d/convert.c could crash the converter (CVE-2017-17480).
A flaw was found in OpenJPEG 2.3.0, there is an integer overflow caused
by an out-of-bounds left shift in the opj_j2k_setup_encoder function
(openjp2/j2k.c). Remote attackers could leverage this vulnerability to
cause a denial of service via a crafted bmp file (CVE-2018-5785).
In OpenJPEG 2.3.0, there is excessive iteration in the
opj_t1_encode_cblks function of openjp2/t1.c. Attackers could leverage
this vulnerability to cause a denial of service via a crafted bmp file
(CVE-2018-6616).
A flaw was found in OpenJPEG 2.3.0. A NULL pointer dereference for "red"
in the imagetopnm function of jp2/convert.c (CVE-2018-18088).
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | openjpeg2 | 0 (affected), 2.2.0-1.3.mga6 (unaffected), 0 (affected), 2.2.0-1.3.mga6 (unaffected) | — |
| Mageia | youtube-dl | 0 (affected), 2019.01.10-1.mga6 (unaffected) | — |
References
Browse GCVE Records
73,393 records in the GCVE database · Updated July 17, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.