VYPR
Vendor

Kakadu Software Pty Ltd

Products
1
CVEs
2
Across products
2
Status
Private

Products

1

Recent CVEs

2
  • CVE-2019-5144HigDec 12, 2019
    risk 0.53cvss 8.1epss 0.02

    An exploitable heap underflow vulnerability exists in the derive_taps_and_gains function in kdu_v7ar.dll of Kakadu Software SDK 7.10.2. A specially crafted jp2 file can cause a heap overflow, which can result in remote code execution. An attacker could provide a malformed file…

  • CVE-2023-6562HigDec 20, 2023
    risk 0.49cvss 7.5epss 0.01

    JPX Fragment List (flst) box vulnerability in Kakadu 7.9 allows an attacker to exfiltrate local and remote files reachable by a server if the server allows the attacker to upload a specially-crafted the image that is displayed back to the attacker.