CVE-2016-10506
MEDIUMUclouvain Openjpeg < 2.1.2 - Divide By Zero
Title source: ruleDescription
Division-by-zero vulnerabilities in the functions opj_pi_next_cprl, opj_pi_next_pcrl, and opj_pi_next_rpcl in pi.c in OpenJPEG before 2.2.0 allow remote attackers to cause a denial of service (application crash) via crafted j2k files.
References (9)
Scores
CVSS v3
6.5
EPSS
0.0430
EPSS Percentile
88.7%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Classification
CWE
CWE-369
Status
draft
Affected Products (1)
uclouvain/openjpeg
< 2.1.2
Timeline
Published
Aug 30, 2017
Tracked Since
Feb 18, 2026