INFCSA-2022:8207: openjpeg2 security update
Information about definition
Identificator: INFCSA-2022:8207
Type: security
Release date: 2025-09-24 19:40:55 UTC
Information about package
OpenJPEG is an open source library for reading and writing image files in JPEG2000 format.
Vulnerabilities description
- CVE-2022-1122
A flaw was found in the opj2_decompress program in openjpeg2 in the way it handles an input directory with a large number of files. When it fails to allocate a buffer to store the filenames of the input directory, it calls free() on an uninitialized pointer, leading to a segmentation fault and a denial of service.
Severity level
| CVE | Score CVSS 2.0 | Score CVSS 3.x | Score CVSS 4.0 |
|---|---|---|---|
|
NIST — CVE-2022-1122
|
no information | 5.1 | no information |
Updated packages
Preparing to download...