Search CVE reports

Toggle filters

1 – 10 of 62 results

CVE-2025-50952

Medium priority
Vulnerable

openjpeg v 2.5.0 was discovered to contain a NULL pointer dereference via the component /openjp2/dwt.c.

7 affected packages

openjpeg2, insighttoolkit4, qtwebengine-opensource-src, blender, texmaker...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
openjpeg2 Vulnerable Vulnerable Needs evaluation Needs evaluation
insighttoolkit4 Not in release Needs evaluation Needs evaluation Needs evaluation
qtwebengine-opensource-src Needs evaluation Needs evaluation Needs evaluation Needs evaluation
blender Needs evaluation Needs evaluation Needs evaluation Needs evaluation
texmaker Needs evaluation Needs evaluation Needs evaluation Needs evaluation
ghostscript Not affected Not affected Not affected Needs evaluation
openjpeg Not in release Not in release
Show all 7 packages Show less packages

CVE-2025-54874

Medium priority
Vulnerable

OpenJPEG is an open-source JPEG 2000 codec. In OpenJPEG 2.5.3 and earlier, a call to opj_jp2_read_header may lead to OOB heap memory write when the data stream p_stream is too short and p_image is not initialized.

7 affected packages

insighttoolkit4, qtwebengine-opensource-src, blender, texmaker, ghostscript...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
insighttoolkit4 Not in release Needs evaluation Needs evaluation Needs evaluation
qtwebengine-opensource-src Needs evaluation Needs evaluation Needs evaluation Needs evaluation
blender Needs evaluation Needs evaluation Needs evaluation Needs evaluation
texmaker Needs evaluation Needs evaluation Needs evaluation Needs evaluation
ghostscript Not affected Not affected Not affected Needs evaluation
openjpeg Not in release Not in release
openjpeg2 Not affected Not affected Not affected Not affected
Show all 7 packages Show less packages

CVE-2024-56827

Medium priority

Some fixes available 9 of 33

A flaw was found in the OpenJPEG project. A heap buffer overflow condition may be triggered when certain options are specified while using the opj_decompress utility. This can lead to an application crash or other undefined behavior.

7 affected packages

insighttoolkit4, qtwebengine-opensource-src, blender, texmaker, ghostscript...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
insighttoolkit4 Not in release Needs evaluation Needs evaluation Needs evaluation
qtwebengine-opensource-src Needs evaluation Needs evaluation Needs evaluation Needs evaluation
blender Needs evaluation Needs evaluation Needs evaluation Needs evaluation
texmaker Needs evaluation Needs evaluation Needs evaluation Needs evaluation
ghostscript Not affected Not affected Not affected Fixed
openjpeg Not in release Not in release Not in release
openjpeg2 Fixed Fixed Fixed Fixed
Show all 7 packages Show less packages

CVE-2024-56826

Medium priority

Some fixes available 9 of 33

A flaw was found in the OpenJPEG project. A heap buffer overflow condition may be triggered when certain options are specified while using the opj_decompress utility. This can lead to an application crash or other undefined behavior.

7 affected packages

openjpeg2, insighttoolkit4, qtwebengine-opensource-src, blender, texmaker...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
openjpeg2 Fixed Fixed Fixed Fixed
insighttoolkit4 Not in release Needs evaluation Needs evaluation Needs evaluation
qtwebengine-opensource-src Needs evaluation Needs evaluation Needs evaluation Needs evaluation
blender Needs evaluation Needs evaluation Needs evaluation Needs evaluation
texmaker Needs evaluation Needs evaluation Needs evaluation Needs evaluation
ghostscript Not affected Not affected Not affected Fixed
openjpeg Not in release Not in release Not in release
Show all 7 packages Show less packages

CVE-2023-39329

Medium priority
Vulnerable

A flaw was found in OpenJPEG. A resource exhaustion can occur in the opj_t1_decode_cblks function in tcd.c through a crafted image file, causing a denial of service.

7 affected packages

openjpeg2, insighttoolkit4, qtwebengine-opensource-src, blender, texmaker...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
openjpeg2 Vulnerable Vulnerable Vulnerable Vulnerable
insighttoolkit4 Not in release Needs evaluation Needs evaluation Needs evaluation
qtwebengine-opensource-src Needs evaluation Needs evaluation Needs evaluation Needs evaluation
blender Needs evaluation Needs evaluation Needs evaluation Needs evaluation
texmaker Needs evaluation Needs evaluation Needs evaluation Needs evaluation
ghostscript Not affected Not affected Not affected Needs evaluation
openjpeg Not in release Not in release Not in release
Show all 7 packages Show less packages

CVE-2023-39327

Medium priority

Some fixes available 9 of 39

A flaw was found in OpenJPEG. Maliciously constructed pictures can cause the program to enter a large loop and continuously print warning messages on the terminal.

7 affected packages

insighttoolkit4, qtwebengine-opensource-src, blender, texmaker, ghostscript...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
insighttoolkit4 Not in release Needs evaluation Needs evaluation Needs evaluation
qtwebengine-opensource-src Needs evaluation Needs evaluation Needs evaluation Needs evaluation
blender Needs evaluation Needs evaluation Needs evaluation Needs evaluation
texmaker Needs evaluation Needs evaluation Needs evaluation Needs evaluation
ghostscript Not affected Not affected Not affected Fixed
openjpeg Not in release Not in release Not in release
openjpeg2 Fixed Fixed Fixed Fixed
Show all 7 packages Show less packages

CVE-2023-39328

Medium priority
Vulnerable

A vulnerability was found in OpenJPEG similar to CVE-2019-6988. This flaw allows an attacker to bypass existing protections and cause an application crash through a maliciously crafted file.

7 affected packages

openjpeg2, insighttoolkit4, qtwebengine-opensource-src, blender, texmaker...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
openjpeg2 Vulnerable Vulnerable Vulnerable Vulnerable
insighttoolkit4 Not in release Needs evaluation Needs evaluation Needs evaluation
qtwebengine-opensource-src Needs evaluation Needs evaluation Needs evaluation Needs evaluation
blender Needs evaluation Needs evaluation Needs evaluation Needs evaluation
texmaker Needs evaluation Needs evaluation Needs evaluation Needs evaluation
ghostscript Not affected Not affected Not affected Needs evaluation
openjpeg Not in release Not in release Not in release
Show all 7 packages Show less packages

CVE-2022-2833

Medium priority
Needs evaluation

Endless Infinite loop in Blender-thumnailing due to logical bugs.

2 affected packages

blender, due

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
blender Needs evaluation Needs evaluation Needs evaluation Needs evaluation
due Needs evaluation Needs evaluation Not in release Not in release
Show less packages

CVE-2022-2832

Medium priority
Needs evaluation

A flaw was found in Blender 3.3.0. A null pointer dereference exists in source/blender/gpu/opengl/gl_backend.cc that may lead to loss of confidentiality and integrity.

1 affected package

blender

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
blender Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2022-2831

Medium priority
Needs evaluation

A flaw was found in Blender 3.3.0. An interger overflow in source/blender/blendthumb/src/blendthumb_extract.cc may lead to program crash or memory corruption.

1 affected package

blender

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
blender Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages
  1. Previous page
  2. 1
  3. 2
  4. 3
  5. 4
  6. 5
  7. Next page
Export to JSON