CVE-2018-21010

OpenJPEG before 2.3.1 has a heap buffer overflow in color_apply_icc_profile in bin/common/color.c.
Configurations

Configuration 1 (hide)

cpe:2.3:a:uclouvain:openjpeg:*:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

History

29 Oct 2022, 02:31

Type Values Removed Values Added
References
  • (N/A) https://www.oracle.com//security-alerts/cpujul2021.html - Patch, Third Party Advisory

28 Jan 2021, 19:36

Type Values Removed Values Added
CPE cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
References (MLIST) https://lists.debian.org/debian-lts-announce/2019/10/msg00009.html - (MLIST) https://lists.debian.org/debian-lts-announce/2019/10/msg00009.html - Mailing List, Third Party Advisory
References (GENTOO) https://security.gentoo.org/glsa/202101-29 - (GENTOO) https://security.gentoo.org/glsa/202101-29 - Third Party Advisory
CWE CWE-119 CWE-787

26 Jan 2021, 18:15

Type Values Removed Values Added
References
  • (GENTOO) https://security.gentoo.org/glsa/202101-29 -

Information

Published : 2019-09-05 13:15

Updated : 2022-10-29 02:31


NVD link : CVE-2018-21010

Mitre link : CVE-2018-21010


JSON object : View

Products Affected

uclouvain

  • openjpeg

debian

  • debian_linux
CWE
CWE-787

Out-of-bounds Write