Unrated severityNVD Advisory· Published Dec 6, 2015· Updated Jun 17, 2026

CVE-2015-6776

Description

The opj_dwt_decode_1* functions in dwt.c in OpenJPEG, as used in PDFium in Google Chrome before 47.0.2526.73, allow remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JPEG 2000 data that is mishandled during a discrete wavelet transform.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

Google/Chrome
cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
Range: <=46.0.2490.86
OpenJPEG/openjpeg2llm-fuzzy
Google/Google Chromellm-fuzzy
Range: <47.0.2526.73
osv-coords
pkg:rpm/opensuse/chromium&distro=openSUSE%20Tumbleweed
Range: < 55.0.2883.75-3.1

Patches

Vulnerability mechanics

References

googlechromereleases.blogspot.com/2015/12/stable-channel-update.htmlnvd
lists.opensuse.org/opensuse-security-announce/2015-12/msg00016.htmlnvd
lists.opensuse.org/opensuse-security-announce/2015-12/msg00017.htmlnvd
www.debian.org/security/2015/dsa-3415nvd
www.securityfocus.com/bid/78416nvd
www.securitytracker.com/id/1034298nvd
code.google.com/p/chromium/issues/detailnvd
codereview.chromium.org/1416783002nvd
codereview.chromium.org/1416783002/diff/20001/third_party/libopenjpeg20/0003-dwt-decode.patchnvd
codereview.chromium.org/1416783002/diff/20001/third_party/libopenjpeg20/README.pdfiumnvd
security.gentoo.org/glsa/201603-09nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000