CVE-2016-9114 — NULL Pointer Dereference in Openjpeg

CWE-476 — NULL Pointer Dereference10 documents7 sources

Severity

7.5HIGHNVD

EPSS

0.5%

top 34.99%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Uclouvain Openjpeg

Timeline

PublishedOct 30

Latest updateMay 13

Description

There is a NULL Pointer Access in function imagetopnm of convert.c:1943(jp2) of OpenJPEG 2.1.2. image->comps[compno].data is not assigned a value after initialization(NULL). Impact is Denial of Service.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages1 packages

▶NVDuclouvain/openjpeg2.1.2

🔴Vulnerability Details

GHSA

GHSA-6cpx-32j8-j7qj: There is a NULL Pointer Access in function imagetopnm of convert↗2022-05-13

▶

CVEList

CVE-2016-9114: There is a NULL Pointer Access in function imagetopnm of convert↗2016-10-30

▶

OSV

CVE-2016-9114: There is a NULL Pointer Access in function imagetopnm of convert↗2016-10-30

▶

📋Vendor Advisories

Red Hat

openjpeg2: Multiple security issues↗2016-10-27

▶

Debian

CVE-2016-9114: openjpeg2 - There is a NULL Pointer Access in function imagetopnm of convert.c:1943(jp2) of ...↗2016

▶

💬Community

Bugzilla

CVE-2016-9112 CVE-2016-9113 CVE-2016-9114 CVE-2016-9115 CVE-2016-9116 CVE-2016-9117 CVE-2016-9118 openjpeg2: Multiple security issues [fedora-all]↗2016-10-31

▶

Bugzilla

CVE-2016-9112 CVE-2016-9113 CVE-2016-9114 CVE-2016-9115 CVE-2016-9116 CVE-2016-9117 CVE-2016-9118 mingw-openjpeg2: openjpeg2: Multiple security issues [fedora-all]↗2016-10-31

▶

Bugzilla

CVE-2016-9113 CVE-2016-9114 CVE-2016-9115 CVE-2016-9116 CVE-2016-9117 CVE-2016-9118 openjpeg2: Multiple security issues↗2016-10-31

▶

Bugzilla

CVE-2016-8332 CVE-2016-9112 CVE-2016-9113 CVE-2016-9114 CVE-2016-9115 CVE-2016-9116 CVE-2016-9117 CVE-2016-9118 openjpeg2: various flaws [epel-all]↗2016-10-03

▶