Search for packages
Package details: pkg:deb/debian/openjpeg2@2.5.3-2
purl pkg:deb/debian/openjpeg2@2.5.3-2
Next non-vulnerable version 2.5.3-2.1
Latest non-vulnerable version 2.5.3-2.1
Risk 3.6
Vulnerabilities affecting this package (1)
Vulnerability Summary Fixed by
VCID-bezp-5u19-9be7
Aliases:
CVE-2025-54874
OpenJPEG is an open-source JPEG 2000 codec. In OpenJPEG 2.5.3 and earlier, a call to opj_jp2_read_header may lead to OOB heap memory write when the data stream p_stream is too short and p_image is not initialized.
2.5.3-2.1
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (1)
Vulnerability Summary Aliases
VCID-tds3-nq6r-aybk openjpeg v 2.5.0 was discovered to contain a NULL pointer dereference via the component /openjp2/dwt.c. CVE-2025-50952

Date Actor Action Vulnerability Source VulnerableCode Version
2025-08-09T12:39:40.419826+00:00 Debian Importer Fixing VCID-tds3-nq6r-aybk https://security-tracker.debian.org/tracker/data/json 37.0.0
2025-08-07T12:50:08.890816+00:00 Debian Importer Affected by VCID-bezp-5u19-9be7 https://security-tracker.debian.org/tracker/data/json 37.0.0