VulnerableCode Package Details - pkg:deb/debian/openjpeg2@2.5.3-1?distro=trixie

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-an46-hxt9-57e1	Out-of-bounds Write A heap-based buffer overflow was found in openjpeg in color.c:379:42 in sycc420_to_rgb when decompressing a crafted .j2k file. An attacker could use this to execute arbitrary code with the permissions of the application compiled against openjpeg.	CVE-2021-3575
VCID-cgvq-jt8a-4yba	openjpeg: heap buffer overflow in bin/common/color.c	CVE-2024-56826
VCID-k9dc-cxnp-nug2	openjpeg: heap buffer overflow in lib/openjp2/j2k.c	CVE-2024-56827
VCID-qyq1-1npp-yyb4	openjpeg: Openjpeg NULL pointer dereference	CVE-2025-50952

Vulnerability

Summary

Aliases

VCID-an46-hxt9-57e1

Out-of-bounds Write A heap-based buffer overflow was found in openjpeg in color.c:379:42 in sycc420_to_rgb when decompressing a crafted .j2k file. An attacker could use this to execute arbitrary code with the permissions of the application compiled against openjpeg.

CVE-2021-3575

VCID-cgvq-jt8a-4yba

openjpeg: heap buffer overflow in bin/common/color.c

CVE-2024-56826

VCID-k9dc-cxnp-nug2

openjpeg: heap buffer overflow in lib/openjp2/j2k.c

CVE-2024-56827

VCID-qyq1-1npp-yyb4

openjpeg: Openjpeg NULL pointer dereference

CVE-2025-50952

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T12:21:30.766557+00:00	Debian Importer	Fixing	VCID-an46-hxt9-57e1	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T11:03:04.296832+00:00	Debian Importer	Fixing	VCID-cgvq-jt8a-4yba	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T09:20:13.105228+00:00	Debian Importer	Fixing	VCID-qyq1-1npp-yyb4	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T08:39:14.901771+00:00	Debian Importer	Fixing	VCID-k9dc-cxnp-nug2	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-13T08:27:19.911179+00:00	Debian Importer	Fixing	VCID-an46-hxt9-57e1	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T07:30:13.127128+00:00	Debian Importer	Fixing	VCID-cgvq-jt8a-4yba	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-11T18:14:15.746611+00:00	Debian Importer	Fixing	VCID-qyq1-1npp-yyb4	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-11T17:49:03.595427+00:00	Debian Importer	Fixing	VCID-k9dc-cxnp-nug2	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-03T07:48:43.142157+00:00	Debian Importer	Fixing	VCID-qyq1-1npp-yyb4	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:48:43.091392+00:00	Debian Importer	Fixing	VCID-k9dc-cxnp-nug2	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:48:43.024657+00:00	Debian Importer	Fixing	VCID-cgvq-jt8a-4yba	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:48:42.863314+00:00	Debian Importer	Fixing	VCID-an46-hxt9-57e1	https://security-tracker.debian.org/tracker/data/json	38.1.0