INFSA-2025:13944: openjpeg2 security update
Information about definition
Identificator: INFSA-2025:13944
Type: security
Release date: 2025-08-27 16:19:04 UTC
Information about package
OpenJPEG is an open source library for reading and writing image files in JPEG2000 format.
Vulnerabilities description
- CVE-2025-54874
An out-of-bounds heap memory write (OOB) flaw was found in OpenJPEG. A call to opj_jp2_read_header may lead to an OOB heap memory write when the data stream p_stream is too short and p_image is not initialized.
Severity level
| CVE | Score CVSS 2.0 | Score CVSS 3.x | Score CVSS 4.0 |
|---|---|---|---|
|
NIST — CVE-2025-54874
|
no information | 8.0 | no information |
Updated packages