cpe:/a:uclouvain:openjpeg:2.3.0 cpe:/o:debian:debian_linux:8.0 cpe:/o:debian:debian_linux:9.0 CVE-2018-18088 2018-10-09T16:29:00.607-04:00 2019-08-21T16:15:11.773-04:00 4.3 NETWORK MEDIUM NONE NONE NONE PARTIAL http://nvd.nist.gov DEBIAN DSA-4405 UBUNTU USN-4109-1 MLIST [debian-lts-announce] 20181120 [SECURITY] [DLA 1579-1] openjpeg2 security update MISC https://github.com/uclouvain/openjpeg/issues/1152 OpenJPEG 2.3.0 has a NULL pointer dereference for "red" in the imagetopnm function of jp2/convert.c