cbcvebase.
CVE-2016-9572
published 2018-08-01

CVE-2016-9572: A NULL pointer dereference flaw was found in the way openjpeg 2.1.2 decoded certain input images. Due to a logic error in the code responsible for decoding the…

medium6.5CVSS 3.0
AVNACLPRNUIRSUCNINAH
A NULL pointer dereference flaw was found in the way openjpeg 2.1.2 decoded certain input images. Due to a logic error in the code responsible for decoding the input image, an application using openjpeg to process image data could crash when processing a crafted image.

Affected

8 ranges
VendorProductVersion rangeFixed in
debiandebian_linux
debianopenjpeg2< openjpeg2 2.1.2-1.1 (bookworm)openjpeg2 2.1.2-1.1 (bookworm)
the_openjpeg_projectopenjpeg
the_openjpeg_projectopenjpeg2>= 0 < 2.1.2-1.12.1.2-1.1
the_openjpeg_projectopenjpeg2>= 0 < 2.1.2-1.12.1.2-1.1
the_openjpeg_projectopenjpeg2>= 0 < 2.1.2-1.12.1.2-1.1
the_openjpeg_projectopenjpeg2>= 0 < 2.1.2-1.12.1.2-1.1
uclouvainopenjpeg

CVSS provenance

nvdv3.06.5MEDIUMCVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
osv6.5MEDIUM