CVE-2016-10505

ADVISORY - nist

Summary

NULL pointer dereference vulnerabilities in the imagetopnm function in convert.c, sycc444_to_rgb function in color.c, color_esycc_to_rgb function in color.c, and sycc422_to_rgb function in color.c in OpenJPEG before 2.2.0 allow remote attackers to cause a denial of service (application crash) via crafted j2k files.

EPSS Score⁠: 0.00581 (0.785)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-476⁠

NULL Pointer Dereference

ADVISORY - redhat

CWE-119⁠

Improper Restriction of Operations within the Bounds of a Memory Buffer

Impacted images

Advisories

Sign in to Docker Scout

See which of your images are affected by this CVE and how to fix them by signing into Docker Scout.