Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/openjpeg2@2.4.0-3
purl pkg:deb/debian/openjpeg2@2.4.0-3
Next non-vulnerable version 2.5.0-2+deb12u2
Latest non-vulnerable version 2.5.0-2+deb12u2
Risk 3.4
Vulnerabilities affecting this package (6)
Vulnerability Summary Fixed by
VCID-an46-hxt9-57e1
Aliases:
CVE-2021-3575
Out-of-bounds Write A heap-based buffer overflow was found in openjpeg in color.c:379:42 in sycc420_to_rgb when decompressing a crafted .j2k file. An attacker could use this to execute arbitrary code with the permissions of the application compiled against openjpeg.
2.5.0-2+deb12u2
Affected by 0 other vulnerabilities.
VCID-cgvq-jt8a-4yba
Aliases:
CVE-2024-56826
openjpeg: heap buffer overflow in bin/common/color.c
2.5.0-2+deb12u2
Affected by 0 other vulnerabilities.
VCID-k9dc-cxnp-nug2
Aliases:
CVE-2024-56827
openjpeg: heap buffer overflow in lib/openjp2/j2k.c
2.5.0-2+deb12u2
Affected by 0 other vulnerabilities.
VCID-pzv2-p44c-8qg4
Aliases:
CVE-2021-29338
Multiple vulnerabilities have been discovered in OpenJPEG, the worst of which could result in arbitrary code execution.
2.5.0-2+deb12u2
Affected by 0 other vulnerabilities.
VCID-qyq1-1npp-yyb4
Aliases:
CVE-2025-50952
openjpeg: Openjpeg NULL pointer dereference
2.5.0-2+deb12u2
Affected by 0 other vulnerabilities.
VCID-xh3j-ufru-6fby
Aliases:
CVE-2022-1122
Access of Uninitialized Pointer A flaw was found in the opj2_decompress program in openjpeg2 2.4.0 in the way it handles an input directory with a large number of files. When it fails to allocate a buffer to store the filenames of the input directory, it calls free() on an uninitialized pointer, leading to a segmentation fault and a denial of service.
2.5.0-2+deb12u2
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (18)
Vulnerability Summary Aliases
VCID-1z5a-aa47-dyft openjpeg: out-of-bounds read in functions pi_next_lrcp, pi_next_rlcp, pi_next_rpcl, pi_next_pcrl, pi_next_rpcl, and pi_next_cprl in openmj2/pi.c leads to denial of service CVE-2018-20846
VCID-2272-j2kp-x3du Multiple vulnerabilities have been found in OpenJPEG, the worst of which could result in the arbitrary execution of code. CVE-2019-12973
VCID-2ad2-5t5w-d7ew openjpeg: global-buffer-overflow read in opj_dwt_calc_explicit_stepsizes() CVE-2020-27824
VCID-3r1m-53dp-yff2 Multiple vulnerabilities have been found in OpenJPEG, the worst of which could result in the arbitrary execution of code. CVE-2020-27842
VCID-4hbk-qsje-63fd Multiple vulnerabilities have been found in OpenJPEG, the worst of which could result in the arbitrary execution of code. CVE-2020-27841
VCID-7ath-fa35-5uca openjpeg: Heap-based buffer overflow in opj_t1_clbl_decode_processor() CVE-2020-6851
VCID-ecez-3pwt-pudf openjpeg: division-by-zero in functions pi_next_pcrl, pi_next_cprl, and pi_next_rpcl in openmj2/pi.c CVE-2018-20845
VCID-hxax-t3zc-8kax openjpeg: integer overflow in opj_t1_encode_cblks in src/lib/openjp2/t1.c CVE-2018-5727
VCID-kq91-13ek-rkcu Multiple vulnerabilities have been found in OpenJPEG, the worst of which could result in the arbitrary execution of code. CVE-2020-15389
VCID-mdhg-k4sr-3bg7 openjpeg: heap-based buffer overflow in pj_t1_clbl_decode_processor in openjp2/t1.c CVE-2020-8112
VCID-u497-trj1-rfdj Multiple vulnerabilities have been found in OpenJPEG, the worst of which could result in the arbitrary execution of code. CVE-2020-27814
VCID-whsh-5urk-b3ap openjpeg: heap-buffer-overflow write in opj_tcd_dc_level_shift_encode() CVE-2020-27823
VCID-xc4v-2aa6-yfd6 Multiple vulnerabilities have been found in OpenJPEG, the worst of which could result in the arbitrary execution of code. CVE-2020-27843
VCID-xvjg-5z4m-pqdv openjpeg: integer overflow in function opj_get_encoding_parameters in openjp2/pi.c CVE-2018-20847
VCID-yb58-a8p7-v7dw Multiple vulnerabilities have been found in OpenJPEG, the worst of which could result in the arbitrary execution of code. CVE-2018-21010
VCID-z1a1-p95p-sya2 An issue was discovered in mj2/opj_mj2_extract.c in OpenJPEG 2.3.0. The output prefix was not checked for length, which could overflow a buffer, when providing a prefix with 50 or more characters on the command line. CVE-2018-7648
VCID-zgaa-57ak-jbex Multiple vulnerabilities have been found in OpenJPEG, the worst of which could result in the arbitrary execution of code. CVE-2020-27845
VCID-zz9f-brcy-ekdy openjpeg: Heap-based buffer overflow in pnmtoimage function in bin/jpwl/convert.c CVE-2018-16375

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T01:02:26.417509+00:00 Debian Oval Importer Fixing VCID-zgaa-57ak-jbex https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-16T01:01:20.290359+00:00 Debian Oval Importer Fixing VCID-hxax-t3zc-8kax https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-16T00:58:56.718530+00:00 Debian Oval Importer Fixing VCID-zz9f-brcy-ekdy https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-16T00:27:53.264975+00:00 Debian Oval Importer Fixing VCID-ecez-3pwt-pudf https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-16T00:14:27.319518+00:00 Debian Oval Importer Affected by VCID-xh3j-ufru-6fby https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-16T00:06:29.501273+00:00 Debian Oval Importer Fixing VCID-2ad2-5t5w-d7ew https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T23:55:49.439509+00:00 Debian Oval Importer Fixing VCID-1z5a-aa47-dyft https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T23:24:39.453747+00:00 Debian Oval Importer Affected by VCID-pzv2-p44c-8qg4 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T23:00:02.397595+00:00 Debian Oval Importer Fixing VCID-xvjg-5z4m-pqdv https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T22:38:51.374020+00:00 Debian Oval Importer Affected by VCID-k9dc-cxnp-nug2 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T22:37:50.999671+00:00 Debian Oval Importer Affected by VCID-cgvq-jt8a-4yba https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T22:34:02.377621+00:00 Debian Oval Importer Fixing VCID-yb58-a8p7-v7dw https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T21:41:27.523862+00:00 Debian Oval Importer Fixing VCID-mdhg-k4sr-3bg7 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T21:29:15.400047+00:00 Debian Oval Importer Fixing VCID-whsh-5urk-b3ap https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T20:55:30.202411+00:00 Debian Oval Importer Fixing VCID-xc4v-2aa6-yfd6 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T20:47:02.453977+00:00 Debian Oval Importer Affected by VCID-qyq1-1npp-yyb4 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T20:37:11.254081+00:00 Debian Oval Importer Fixing VCID-3r1m-53dp-yff2 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T20:09:20.486251+00:00 Debian Oval Importer Fixing VCID-z1a1-p95p-sya2 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T18:50:39.611003+00:00 Debian Oval Importer Fixing VCID-4hbk-qsje-63fd https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T18:13:02.916079+00:00 Debian Oval Importer Affected by VCID-an46-hxt9-57e1 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T18:03:26.986917+00:00 Debian Oval Importer Fixing VCID-2272-j2kp-x3du https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T17:56:09.136383+00:00 Debian Oval Importer Fixing VCID-kq91-13ek-rkcu https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T17:38:33.008925+00:00 Debian Oval Importer Fixing VCID-7ath-fa35-5uca https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T16:30:54.499955+00:00 Debian Oval Importer Fixing VCID-u497-trj1-rfdj https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-12T00:34:34.134048+00:00 Debian Oval Importer Fixing VCID-zgaa-57ak-jbex https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-12T00:33:30.399827+00:00 Debian Oval Importer Fixing VCID-hxax-t3zc-8kax https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-12T00:31:11.637212+00:00 Debian Oval Importer Fixing VCID-zz9f-brcy-ekdy https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-12T00:01:16.695310+00:00 Debian Oval Importer Fixing VCID-ecez-3pwt-pudf https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T23:48:11.272659+00:00 Debian Oval Importer Affected by VCID-xh3j-ufru-6fby https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T23:40:30.318783+00:00 Debian Oval Importer Fixing VCID-2ad2-5t5w-d7ew https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T23:30:04.315179+00:00 Debian Oval Importer Fixing VCID-1z5a-aa47-dyft https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T23:00:07.599611+00:00 Debian Oval Importer Affected by VCID-pzv2-p44c-8qg4 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T22:36:18.718763+00:00 Debian Oval Importer Fixing VCID-xvjg-5z4m-pqdv https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T22:15:36.805022+00:00 Debian Oval Importer Affected by VCID-k9dc-cxnp-nug2 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T22:14:38.877634+00:00 Debian Oval Importer Affected by VCID-cgvq-jt8a-4yba https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T22:10:57.122123+00:00 Debian Oval Importer Fixing VCID-yb58-a8p7-v7dw https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T21:20:14.734598+00:00 Debian Oval Importer Fixing VCID-mdhg-k4sr-3bg7 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T21:08:26.161057+00:00 Debian Oval Importer Fixing VCID-whsh-5urk-b3ap https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T20:35:57.018891+00:00 Debian Oval Importer Fixing VCID-xc4v-2aa6-yfd6 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T20:27:56.863396+00:00 Debian Oval Importer Affected by VCID-qyq1-1npp-yyb4 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T20:18:21.600482+00:00 Debian Oval Importer Fixing VCID-3r1m-53dp-yff2 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T19:51:02.711471+00:00 Debian Oval Importer Fixing VCID-z1a1-p95p-sya2 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T18:35:12.743624+00:00 Debian Oval Importer Fixing VCID-4hbk-qsje-63fd https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T17:58:29.723109+00:00 Debian Oval Importer Affected by VCID-an46-hxt9-57e1 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T17:49:10.496548+00:00 Debian Oval Importer Fixing VCID-2272-j2kp-x3du https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T17:42:03.435714+00:00 Debian Oval Importer Fixing VCID-kq91-13ek-rkcu https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T17:24:45.361089+00:00 Debian Oval Importer Fixing VCID-7ath-fa35-5uca https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T16:18:00.906484+00:00 Debian Oval Importer Fixing VCID-u497-trj1-rfdj https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-09T00:04:44.613102+00:00 Debian Oval Importer Fixing VCID-zgaa-57ak-jbex https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-09T00:03:44.160165+00:00 Debian Oval Importer Fixing VCID-hxax-t3zc-8kax https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-09T00:01:32.785943+00:00 Debian Oval Importer Fixing VCID-zz9f-brcy-ekdy https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T23:32:43.319688+00:00 Debian Oval Importer Fixing VCID-ecez-3pwt-pudf https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T23:20:22.500412+00:00 Debian Oval Importer Affected by VCID-xh3j-ufru-6fby https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T23:12:59.853954+00:00 Debian Oval Importer Fixing VCID-2ad2-5t5w-d7ew https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T23:02:58.572955+00:00 Debian Oval Importer Fixing VCID-1z5a-aa47-dyft https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T22:34:15.613067+00:00 Debian Oval Importer Affected by VCID-pzv2-p44c-8qg4 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T22:11:39.256208+00:00 Debian Oval Importer Fixing VCID-xvjg-5z4m-pqdv https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T21:51:55.089613+00:00 Debian Oval Importer Affected by VCID-k9dc-cxnp-nug2 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T21:51:00.211490+00:00 Debian Oval Importer Affected by VCID-cgvq-jt8a-4yba https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T21:47:27.100105+00:00 Debian Oval Importer Fixing VCID-yb58-a8p7-v7dw https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T20:58:57.276094+00:00 Debian Oval Importer Fixing VCID-mdhg-k4sr-3bg7 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T20:47:29.973045+00:00 Debian Oval Importer Fixing VCID-whsh-5urk-b3ap https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T20:16:03.185928+00:00 Debian Oval Importer Fixing VCID-xc4v-2aa6-yfd6 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T20:08:21.397629+00:00 Debian Oval Importer Affected by VCID-qyq1-1npp-yyb4 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T19:59:12.676609+00:00 Debian Oval Importer Fixing VCID-3r1m-53dp-yff2 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T19:33:25.533148+00:00 Debian Oval Importer Fixing VCID-z1a1-p95p-sya2 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T18:20:21.486402+00:00 Debian Oval Importer Fixing VCID-4hbk-qsje-63fd https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T17:45:14.459061+00:00 Debian Oval Importer Affected by VCID-an46-hxt9-57e1 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T17:36:22.717367+00:00 Debian Oval Importer Fixing VCID-2272-j2kp-x3du https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T17:29:26.880568+00:00 Debian Oval Importer Fixing VCID-kq91-13ek-rkcu https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T17:12:57.446935+00:00 Debian Oval Importer Fixing VCID-7ath-fa35-5uca https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T16:10:06.546516+00:00 Debian Oval Importer Fixing VCID-u497-trj1-rfdj https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0