Sign In

CVE-2016-9580

SOURCE - nist

Summary

An integer overflow vulnerability was found in tiftoimage function in openjpeg 2.1.2, resulting in heap buffer overflow.

EPSS Score: 0.00489 (0.761)

Common Weakness Enumeration (CWE)

SOURCE - nist

CWE-122

Heap-based Buffer Overflow

CWE-190

Integer Overflow or Wraparound

SOURCE - redhat

CWE-122

Heap-based Buffer Overflow

CWE-190

Integer Overflow or Wraparound

Sources (7)

Impacted images

debian

CREATED

UPDATED

SOURCE IDCVE-2016-9580
EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow
PackageTypeOS NameOS VersionAffected RangesFix Versions
debian/openjpeg2debdebian12>=2.5.0-2Not yet available
debian/openjpeg2debdebian11>=2.4.0-3Not yet available
debian/openjpeg2debdebian10>=2.3.0-2+deb10u2Not yet available
debian/openjpeg2debdebian13>=2.5.0-2Not yet available
debian/openjpeg2debdebianunstable>=2.5.0-2Not yet available

Severity and metrics

No CVSS data available from this source.

nist

CREATED

UPDATED

SOURCE IDCVE-2016-9580
EXPLOITABILITY SCORE

2.8

EXPLOITS FOUND
COMMON WEAKNESS ENUMERATION (CWE)
CWE-122CWE-190

CVSS SCORE

8.8high

alpine

CREATED

UPDATED

SOURCE IDCVE-2016-9580
EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
RATING UNAVAILABLE FROM SOURCE

ubuntu

CREATED

UPDATED

SOURCE IDCVE-2016-9580
EXPLOITABILITY SCORE

2.8

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

8.8medium

redhat

CREATED

UPDATED

SOURCE IDCVE-2016-9580
EXPLOITABILITY SCORE

1.8

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)
CWE-122CWE-190

CVSS SCORE

3.3low

suse

CREATED

UPDATED

SOURCE IDCVE-2016-9580
EXPLOITABILITY SCORE

1.8

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

3.3medium

inthewild

CREATED

UPDATED

SOURCE IDCVE-2016-9580
EXPLOITABILITY SCORE

-

EXPLOITS FOUND

-

COMMON WEAKNESS ENUMERATION (CWE)-
RATING UNAVAILABLE FROM SOURCE