VulnerableCode Package Details - pkg:deb/debian/openjpeg2@2.5.0-2%2Bdeb12u2

Search for packages

Package details: pkg:deb/debian/openjpeg2@2.5.0-2%2Bdeb12u2

Essentials
History (2)

purl	pkg:deb/debian/openjpeg2@2.5.0-2%2Bdeb12u2

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (2)

Vulnerability	Summary	Aliases
VCID-7g2q-np8h-tbdn	A heap-based buffer overflow was found in openjpeg in color.c:379:42 in sycc420_to_rgb when decompressing a crafted .j2k file. An attacker could use this to execute arbitrary code with the permissions of the application compiled against openjpeg.	CVE-2021-3575
VCID-tds3-nq6r-aybk	openjpeg v 2.5.0 was discovered to contain a NULL pointer dereference via the component /openjp2/dwt.c.	CVE-2025-50952

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-09-09T23:21:39.749344+00:00	Debian Oval Importer	Fixing	VCID-7g2q-np8h-tbdn	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	37.0.0
2025-09-09T19:54:40.643876+00:00	Debian Importer	Fixing	VCID-tds3-nq6r-aybk	https://security-tracker.debian.org/tracker/data/json	37.0.0