Suggestions search

All statuses

Filter by:

With package: python311Packages.pylibjpeg-openjpeg

Found 3 matching suggestions

View:

Compact

Detailed

Published

Permalink CVE-2023-39328

5.5 MEDIUM

CVSS version (CVSS): 3.1
Attack Vector (AV): Local (L)
Attack Complexity (AC): Low (L)
Privileges Required (PR): None (N)
User Interaction (UI): Required (R)
Scope (S): Unchanged (U)
Confidentiality (C): None (N)
Integrity (I): None (N)
Availability (A): High (H)
Modified Attack Vector (MAV): Local (L)
Modified Attack Complexity (MAC): Low (L)
Modified Privileges Required (MPR): None (N)
Modified User Interaction (MUI): Required (R)
Modified Confidentiality (MC): None (N)
Modified Scope (MS): Unchanged (U)
Modified Integrity (MI): None (N)
Modified Availability (MA): High (H)

updated 8 months ago by @Erethon Activity log

Created suggestion 9 months, 3 weeks ago
@Erethon accepted 8 months ago
@Erethon published on GitHub 8 months ago

Openjpeg: denail of service via crafted image file

A vulnerability was found in OpenJPEG similar to CVE-2019-6988. This flaw allows an attacker to bypass existing protections and cause an application crash through a maliciously crafted file.

References

https://access.redhat.com/security/cve/CVE-2023-39328 vdb-entryx_refsource_REDHATx_transferred
RHBZ#2219236 x_refsource_REDHATissue-trackingx_transferred

Affected products

openjpeg

==2.5.0

openjpeg2

gimp:flatpak/openjpeg2

inkscape:flatpak/openjpeg2

libreoffice:flatpak/openjpeg2

Matching in nixpkgs

pkgs.openjpeg

Open-source JPEG 2000 codec written in C language

nixos-unstable 2.5.2
- nixpkgs-unstable 2.5.2
- nixos-unstable-small 2.5.2

pkgs.python311Packages.pylibjpeg-openjpeg

A J2K and JP2 plugin for pylibjpeg

nixos-unstable 2.3.0
- nixpkgs-unstable 2.3.0
- nixos-unstable-small 2.3.0

pkgs.python312Packages.pylibjpeg-openjpeg

A J2K and JP2 plugin for pylibjpeg

nixos-unstable 2.4.0
- nixpkgs-unstable 2.4.0
- nixos-unstable-small 2.4.0

pkgs.python313Packages.pylibjpeg-openjpeg

A J2K and JP2 plugin for pylibjpeg

nixos-unstable 2.4.0
- nixpkgs-unstable 2.4.0
- nixos-unstable-small 2.4.0

Package maintainers

@codyopel Cody Opel <codyopel@gmail.com>
@bcdarwin Ben Darwin <bcdarwin@gmail.com>

Published

Permalink CVE-2023-39329

6.5 MEDIUM

CVSS version (CVSS): 3.1
Attack Vector (AV): Network (N)
Attack Complexity (AC): Low (L)
Privileges Required (PR): None (N)
User Interaction (UI): Required (R)
Scope (S): Unchanged (U)
Confidentiality (C): None (N)
Integrity (I): None (N)
Availability (A): High (H)
Modified Attack Vector (MAV): Network (N)
Modified Attack Complexity (MAC): Low (L)
Modified Privileges Required (MPR): None (N)
Modified User Interaction (MUI): Required (R)
Modified Confidentiality (MC): None (N)
Modified Scope (MS): Unchanged (U)
Modified Integrity (MI): None (N)
Modified Availability (MA): High (H)

updated 8 months ago by @Erethon Activity log

Created suggestion 9 months, 3 weeks ago
@Erethon accepted 8 months ago
@Erethon published on GitHub 8 months ago

Openjpeg: resource exhaustion will occur in the opj_t1_decode_cblks function in the tcd.c

A flaw was found in OpenJPEG. A resource exhaustion can occur in the opj_t1_decode_cblks function in tcd.c through a crafted image file, causing a denial of service.

References

https://access.redhat.com/security/cve/CVE-2023-39329 vdb-entryx_refsource_REDHATx_transferred
RHBZ#2295816 x_refsource_REDHATissue-trackingx_transferred

Affected products

openjpeg

==2.5.0

openjpeg2

gimp:flatpak/openjpeg2

inkscape:flatpak/openjpeg2

libreoffice:flatpak/openjpeg2

Matching in nixpkgs

pkgs.openjpeg

Open-source JPEG 2000 codec written in C language

nixos-unstable 2.5.2
- nixpkgs-unstable 2.5.2
- nixos-unstable-small 2.5.2

pkgs.python311Packages.pylibjpeg-openjpeg

A J2K and JP2 plugin for pylibjpeg

nixos-unstable 2.3.0
- nixpkgs-unstable 2.3.0
- nixos-unstable-small 2.3.0

pkgs.python312Packages.pylibjpeg-openjpeg

A J2K and JP2 plugin for pylibjpeg

nixos-unstable 2.4.0
- nixpkgs-unstable 2.4.0
- nixos-unstable-small 2.4.0

pkgs.python313Packages.pylibjpeg-openjpeg

A J2K and JP2 plugin for pylibjpeg

nixos-unstable 2.4.0
- nixpkgs-unstable 2.4.0
- nixos-unstable-small 2.4.0

Package maintainers

@codyopel Cody Opel <codyopel@gmail.com>
@bcdarwin Ben Darwin <bcdarwin@gmail.com>

Published

Permalink CVE-2023-39327

4.3 MEDIUM

CVSS version (CVSS): 3.1
Attack Vector (AV): Network (N)
Attack Complexity (AC): Low (L)
Privileges Required (PR): None (N)
User Interaction (UI): Required (R)
Scope (S): Unchanged (U)
Confidentiality (C): None (N)
Integrity (I): None (N)
Availability (A): Low (L)
Modified Attack Vector (MAV): Network (N)
Modified Attack Complexity (MAC): Low (L)
Modified Privileges Required (MPR): None (N)
Modified User Interaction (MUI): Required (R)
Modified Confidentiality (MC): None (N)
Modified Scope (MS): Unchanged (U)
Modified Integrity (MI): None (N)
Modified Availability (MA): Low (L)

updated 8 months, 2 weeks ago by @Erethon Activity log

Created suggestion 9 months, 3 weeks ago
@Erethon accepted 8 months, 2 weeks ago
@Erethon published on GitHub 8 months, 2 weeks ago

Openjpeg: malicious files can cause the program to enter a large loop

A flaw was found in OpenJPEG. Maliciously constructed pictures can cause the program to enter a large loop and continuously print warning messages on the terminal.