{ "affected": [ { "database_specific": { "unresolved_ranges": [ { "events": [ { "introduced": "0" }, { "last_affected": "8.0" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "9.0" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "18.04" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "18c" } ] } ] }, "ranges": [ { "database_specific": { "versions": [ { "introduced": "0" }, { "last_affected": "2.3.0" } ] }, "events": [ { "introduced": "0" }, { "last_affected": "081de4b15f54cb4482035b7bf5e3fb443e4bc84b" } ], "repo": "https://github.com/uclouvain/openjpeg", "type": "GIT" } ] } ], "details": "In OpenJPEG 2.3.0, there is excessive iteration in the opj_t1_encode_cblks function of openjp2/t1.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file.", "id": "CVE-2018-6616", "modified": "2026-03-14T13:50:42.738104442Z", "published": "2018-02-04T22:29:00.243Z", "references": [ { "type": "ADVISORY", "url": "https://lists.debian.org/debian-lts-announce/2018/12/msg00013.html" }, { "type": "ADVISORY", "url": "https://usn.ubuntu.com/4109-1/" }, { "type": "ADVISORY", "url": "https://www.debian.org/security/2019/dsa-4405" }, { "type": "ADVISORY", "url": "https://www.oracle.com/security-alerts/cpujul2020.html" }, { "type": "EVIDENCE", "url": "https://github.com/uclouvain/openjpeg/issues/1059" } ], "severity": [ { "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "type": "CVSS_V3" } ] }