[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-MGASA-2019-0004":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T14:55:33.319Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":24,"duplicates":25,"related":26,"reserved_at":9,"published_at":32,"modified_at":33,"state":9,"summary":34,"references_raw":36,"kevs":61,"epss":9,"epss_history":62,"metrics":63,"affected":64},"MGASA-2019-0004","Updated openjpeg2 packages fix security vulnerabilities\n\nA stack-based buffer overflow in the pgxtoimage function in\njpwl/convert.c could crash the converter (CVE-2017-17479).\n\nA stack-based buffer overflow in the pgxtovolume function in\njp3d/convert.c could crash the converter (CVE-2017-17480).\n\nA flaw was found in OpenJPEG 2.3.0, there is an integer overflow caused\nby an out-of-bounds left shift in the opj_j2k_setup_encoder function\n(openjp2/j2k.c). Remote attackers could leverage this vulnerability to\ncause a denial of service via a crafted bmp file (CVE-2018-5785).\n\nIn OpenJPEG 2.3.0, there is excessive iteration in the\nopj_t1_encode_cblks function of openjp2/t1.c. Attackers could leverage\nthis vulnerability to cause a denial of service via a crafted bmp file\n(CVE-2018-6616).\n\nA flaw was found in OpenJPEG 2.3.0. A NULL pointer dereference for \"red\"\nin the imagetopnm function of jp2/convert.c (CVE-2018-18088).\n",null,[],[],[],[14,16,18,20,22],{"_key":15},"CVE-2017-17479",{"_key":17},"CVE-2017-17480",{"_key":19},"CVE-2018-18088",{"_key":21},"CVE-2018-5785",{"_key":23},"CVE-2018-6616",[],[],[27,28,29,30,31],{"_key":15},{"_key":17},{"_key":19},{"_key":21},{"_key":23},"2019-01-05T18:30:16Z","2026-04-16T06:23:08.644249887Z",{"cisa_kev":35,"cisa_ransomware":35,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[37,43,48,53,57],{"url":38,"sources":39,"tags":41},"https://advisories.mageia.org/MGASA-2019-0004.html",[40],"osv_mageia",[42],"Advisory",{"url":44,"sources":45,"tags":46},"https://bugs.mageia.org/show_bug.cgi?id=23147",[40],[47],"REPORT",{"url":49,"sources":50,"tags":51},"https://lists.opensuse.org/opensuse-updates/2018-05/msg00086.html",[40],[47,52],"WEB",{"url":54,"sources":55,"tags":56},"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/HKAGXKPJ2Z4TMUR3TVLTQ7SMTTIYGJKK/",[40],[47,52],{"url":58,"sources":59,"tags":60},"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/JAZ5ZQP5XJ23SE3ECBP4QQF2CGMK6USD/",[40],[47,52],[],[],[],[65],{"ecosystem":66,"name":67,"vendor":68,"product":67,"cpe_part":9,"purl_type":69,"purl_namespace":68,"purl_name":67,"source":9,"versions":70},"Mageia","openjpeg2","mageia","rpm",[71],{"version":72,"is_range":73,"range_type":74,"version_start":9,"version_start_type":9,"version_end":75,"version_end_type":76,"fixed_in":9},"lt2_2_0_1_3_mga6",true,"ecosystem","2.2.0-1.3.mga6","excluding"]