Medium severity6.5NVD Advisory· Published Oct 18, 2017· Updated Jun 17, 2026
CVE-2015-1239
CVE-2015-1239
Description
Double free vulnerability in the j2k_read_ppm_v3 function in OpenJPEG before r2997, as used in PDFium in Google Chrome, allows remote attackers to cause a denial of service (process crash) via a crafted PDF.
Affected products
15- osv-coords9 versionspkg:apk/chainguard/openjpegpkg:apk/chainguard/openjpeg-devpkg:apk/chainguard/openjpeg-toolspkg:apk/wolfi/openjpegpkg:apk/wolfi/openjpeg-devpkg:apk/wolfi/openjpeg-toolspkg:rpm/suse/openjpeg2&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP3pkg:rpm/suse/openjpeg2&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3pkg:rpm/suse/openjpeg2&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3
< 0+ 8 more
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 2.1.0-4.9.1
- (no CPE)range: < 2.1.0-4.9.1
- (no CPE)range: < 2.1.0-4.9.1
Patches
Vulnerability mechanics
References
3- bugs.chromium.org/p/chromium/issues/detailnvdExploit
- bugs.chromium.org/p/chromium/issues/detailnvdExploit
- lists.debian.org/debian-lts-announce/2018/07/msg00025.htmlnvdThird Party Advisory
News mentions
0No linked articles in our index yet.