Medium severity6.5NVD Advisory· Published Oct 9, 2018· Updated Jun 17, 2026
CVE-2018-18088
CVE-2018-18088
Description
OpenJPEG 2.3.0 has a NULL pointer dereference for "red" in the imagetopnm function of jp2/convert.c
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
7- osv-coords6 versionspkg:rpm/opensuse/openjpeg2&distro=openSUSE%20Leap%2015.6pkg:rpm/suse/openjpeg2&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6pkg:rpm/suse/openjpeg2&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7pkg:rpm/suse/openjpeg2&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP6pkg:rpm/suse/openjpeg2&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP7pkg:rpm/suse/openjpeg2&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5
< 2.3.0-150000.3.21.1+ 5 more
- (no CPE)range: < 2.3.0-150000.3.21.1
- (no CPE)range: < 2.3.0-150000.3.21.1
- (no CPE)range: < 2.3.0-150000.3.21.1
- (no CPE)range: < 2.3.0-150000.3.21.1
- (no CPE)range: < 2.3.0-150000.3.21.1
- (no CPE)range: < 2.1.0-4.24.1
Patches
Vulnerability mechanics
References
4- github.com/uclouvain/openjpeg/issues/1152nvdExploitThird Party Advisory
- lists.debian.org/debian-lts-announce/2018/11/msg00018.htmlnvdMailing ListThird Party Advisory
- www.debian.org/security/2019/dsa-4405nvdThird Party Advisory
- usn.ubuntu.com/4109-1/nvd
News mentions
0No linked articles in our index yet.