[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-SUSE-SU-2017:2649-1":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T14:55:33.319Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":24,"duplicates":25,"related":26,"reserved_at":9,"published_at":32,"modified_at":33,"state":9,"summary":34,"references_raw":36,"kevs":85,"epss":9,"epss_history":86,"metrics":87,"affected":88},"SUSE-SU-2017:2649-1","Security update for openjpeg2\n\nThis update for openjpeg2 fixes several issues.\n\nThese security issues were fixed:\n\n- CVE-2016-10507: Integer overflow vulnerability in the bmp24toimage function\n  allowed remote attackers to cause a denial of service (heap-based buffer\n  over-read and application crash) via a crafted bmp file (bsc#1056421).\n- CVE-2017-14039: A heap-based buffer overflow was discovered in the\n  opj_t2_encode_packet function. The vulnerability caused an out-of-bounds write,\n  which may have lead to remote denial of service or possibly unspecified other\n  impact (bsc#1056622).\n- CVE-2017-14164: A size-validation issue was discovered in opj_j2k_write_sot.\n  The vulnerability caused an out-of-bounds write, which may have lead to remote\n  DoS or possibly remote code execution (bsc#1057511).\n- CVE-2017-14040: An invalid write access was discovered in bin/jp2/convert.c,\n  triggering a crash in the tgatoimage function. The vulnerability may have lead\n  to remote denial of service or possibly unspecified other impact (bsc#1056621).\n- CVE-2017-14041: A stack-based buffer overflow was discovered in the\n  pgxtoimage function. The vulnerability caused an out-of-bounds write, which may\n  have lead to remote denial of service or possibly remote code execution\n  (bsc#1056562).\n",null,[],[],[],[14,16,18,20,22],{"_key":15},"CVE-2016-10507",{"_key":17},"CVE-2017-14039",{"_key":19},"CVE-2017-14040",{"_key":21},"CVE-2017-14041",{"_key":23},"CVE-2017-14164",[],[],[27,28,29,30,31],{"_key":15},{"_key":17},{"_key":19},{"_key":21},{"_key":23},"2017-10-05T05:58:07Z","2026-02-04T04:29:39.095021Z",{"cisa_kev":35,"cisa_ransomware":35,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[37,43,48,52,56,60,64,69,73,77,81],{"url":38,"sources":39,"tags":41},"https://www.suse.com/support/update/announcement/2017/suse-su-20172649-1/",[40],"osv_suse",[42],"Advisory",{"url":44,"sources":45,"tags":46},"https://bugzilla.suse.com/1056421",[40],[47],"REPORT",{"url":49,"sources":50,"tags":51},"https://bugzilla.suse.com/1056562",[40],[47],{"url":53,"sources":54,"tags":55},"https://bugzilla.suse.com/1056621",[40],[47],{"url":57,"sources":58,"tags":59},"https://bugzilla.suse.com/1056622",[40],[47],{"url":61,"sources":62,"tags":63},"https://bugzilla.suse.com/1057511",[40],[47],{"url":65,"sources":66,"tags":67},"https://www.suse.com/security/cve/CVE-2016-10507",[40],[68],"WEB",{"url":70,"sources":71,"tags":72},"https://www.suse.com/security/cve/CVE-2017-14039",[40],[68],{"url":74,"sources":75,"tags":76},"https://www.suse.com/security/cve/CVE-2017-14040",[40],[68],{"url":78,"sources":79,"tags":80},"https://www.suse.com/security/cve/CVE-2017-14041",[40],[68],{"url":82,"sources":83,"tags":84},"https://www.suse.com/security/cve/CVE-2017-14164",[40],[68],[],[],[],[89,102,106,110,114,118,122],{"ecosystem":90,"name":91,"vendor":92,"product":93,"cpe_part":9,"purl_type":94,"purl_namespace":92,"purl_name":93,"source":9,"versions":95},"SUSE Linux Enterprise","openjpeg2","suse","openjpeg2&distro=SUSE Linux Enterprise Desktop 12 SP2","rpm",[96],{"version":97,"is_range":98,"range_type":99,"version_start":9,"version_start_type":9,"version_end":100,"version_end_type":101,"fixed_in":9},"lt2_1_0_4_6_1",true,"ecosystem","2.1.0-4.6.1","excluding",{"ecosystem":90,"name":91,"vendor":92,"product":103,"cpe_part":9,"purl_type":94,"purl_namespace":92,"purl_name":103,"source":9,"versions":104},"openjpeg2&distro=SUSE Linux Enterprise Desktop 12 SP3",[105],{"version":97,"is_range":98,"range_type":99,"version_start":9,"version_start_type":9,"version_end":100,"version_end_type":101,"fixed_in":9},{"ecosystem":90,"name":91,"vendor":92,"product":107,"cpe_part":9,"purl_type":94,"purl_namespace":92,"purl_name":107,"source":9,"versions":108},"openjpeg2&distro=SUSE Linux Enterprise Server 12 SP2",[109],{"version":97,"is_range":98,"range_type":99,"version_start":9,"version_start_type":9,"version_end":100,"version_end_type":101,"fixed_in":9},{"ecosystem":90,"name":91,"vendor":92,"product":111,"cpe_part":9,"purl_type":94,"purl_namespace":92,"purl_name":111,"source":9,"versions":112},"openjpeg2&distro=SUSE Linux Enterprise Server 12 SP3",[113],{"version":97,"is_range":98,"range_type":99,"version_start":9,"version_start_type":9,"version_end":100,"version_end_type":101,"fixed_in":9},{"ecosystem":90,"name":91,"vendor":92,"product":115,"cpe_part":9,"purl_type":94,"purl_namespace":92,"purl_name":115,"source":9,"versions":116},"openjpeg2&distro=SUSE Linux Enterprise Server for Raspberry Pi 12 SP2",[117],{"version":97,"is_range":98,"range_type":99,"version_start":9,"version_start_type":9,"version_end":100,"version_end_type":101,"fixed_in":9},{"ecosystem":90,"name":91,"vendor":92,"product":119,"cpe_part":9,"purl_type":94,"purl_namespace":92,"purl_name":119,"source":9,"versions":120},"openjpeg2&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP2",[121],{"version":97,"is_range":98,"range_type":99,"version_start":9,"version_start_type":9,"version_end":100,"version_end_type":101,"fixed_in":9},{"ecosystem":90,"name":91,"vendor":92,"product":123,"cpe_part":9,"purl_type":94,"purl_namespace":92,"purl_name":123,"source":9,"versions":124},"openjpeg2&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP3",[125],{"version":97,"is_range":98,"range_type":99,"version_start":9,"version_start_type":9,"version_end":100,"version_end_type":101,"fixed_in":9}]