VulnerableCode Package Details - pkg:deb/debian/openjpeg2@2.5.0-2%2Bdeb12u2

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-an46-hxt9-57e1	Out-of-bounds Write A heap-based buffer overflow was found in openjpeg in color.c:379:42 in sycc420_to_rgb when decompressing a crafted .j2k file. An attacker could use this to execute arbitrary code with the permissions of the application compiled against openjpeg.	CVE-2021-3575
VCID-cgvq-jt8a-4yba	openjpeg: heap buffer overflow in bin/common/color.c	CVE-2024-56826
VCID-k9dc-cxnp-nug2	openjpeg: heap buffer overflow in lib/openjp2/j2k.c	CVE-2024-56827
VCID-pzv2-p44c-8qg4	Multiple vulnerabilities have been discovered in OpenJPEG, the worst of which could result in arbitrary code execution.	CVE-2021-29338
VCID-qyq1-1npp-yyb4	openjpeg: Openjpeg NULL pointer dereference	CVE-2025-50952
VCID-xh3j-ufru-6fby	Access of Uninitialized Pointer A flaw was found in the opj2_decompress program in openjpeg2 2.4.0 in the way it handles an input directory with a large number of files. When it fails to allocate a buffer to store the filenames of the input directory, it calls free() on an uninitialized pointer, leading to a segmentation fault and a denial of service.	CVE-2022-1122

Vulnerability

Summary

Aliases

VCID-an46-hxt9-57e1

Out-of-bounds Write A heap-based buffer overflow was found in openjpeg in color.c:379:42 in sycc420_to_rgb when decompressing a crafted .j2k file. An attacker could use this to execute arbitrary code with the permissions of the application compiled against openjpeg.

CVE-2021-3575

VCID-cgvq-jt8a-4yba

openjpeg: heap buffer overflow in bin/common/color.c

CVE-2024-56826

VCID-k9dc-cxnp-nug2

openjpeg: heap buffer overflow in lib/openjp2/j2k.c

CVE-2024-56827

VCID-pzv2-p44c-8qg4

Multiple vulnerabilities have been discovered in OpenJPEG, the worst of which could result in arbitrary code execution.

CVE-2021-29338

VCID-qyq1-1npp-yyb4

openjpeg: Openjpeg NULL pointer dereference

CVE-2025-50952

VCID-xh3j-ufru-6fby

Access of Uninitialized Pointer A flaw was found in the opj2_decompress program in openjpeg2 2.4.0 in the way it handles an input directory with a large number of files. When it fails to allocate a buffer to store the filenames of the input directory, it calls free() on an uninitialized pointer, leading to a segmentation fault and a denial of service.

CVE-2022-1122

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T00:14:27.323239+00:00	Debian Oval Importer	Fixing	VCID-xh3j-ufru-6fby	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T23:24:39.457957+00:00	Debian Oval Importer	Fixing	VCID-pzv2-p44c-8qg4	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T22:38:51.378104+00:00	Debian Oval Importer	Fixing	VCID-k9dc-cxnp-nug2	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T22:37:51.003028+00:00	Debian Oval Importer	Fixing	VCID-cgvq-jt8a-4yba	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T20:47:02.457777+00:00	Debian Oval Importer	Fixing	VCID-qyq1-1npp-yyb4	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T18:13:02.920539+00:00	Debian Oval Importer	Fixing	VCID-an46-hxt9-57e1	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-11T23:48:11.277003+00:00	Debian Oval Importer	Fixing	VCID-xh3j-ufru-6fby	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T23:00:07.603477+00:00	Debian Oval Importer	Fixing	VCID-pzv2-p44c-8qg4	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T22:15:36.808824+00:00	Debian Oval Importer	Fixing	VCID-k9dc-cxnp-nug2	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T22:14:38.881308+00:00	Debian Oval Importer	Fixing	VCID-cgvq-jt8a-4yba	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T20:27:56.866867+00:00	Debian Oval Importer	Fixing	VCID-qyq1-1npp-yyb4	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T17:58:29.727176+00:00	Debian Oval Importer	Fixing	VCID-an46-hxt9-57e1	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-08T23:20:22.504342+00:00	Debian Oval Importer	Fixing	VCID-xh3j-ufru-6fby	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T22:34:15.614772+00:00	Debian Oval Importer	Fixing	VCID-pzv2-p44c-8qg4	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T21:51:55.094057+00:00	Debian Oval Importer	Fixing	VCID-k9dc-cxnp-nug2	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T21:51:00.215712+00:00	Debian Oval Importer	Fixing	VCID-cgvq-jt8a-4yba	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T20:08:21.401923+00:00	Debian Oval Importer	Fixing	VCID-qyq1-1npp-yyb4	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T17:45:14.464883+00:00	Debian Oval Importer	Fixing	VCID-an46-hxt9-57e1	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0