EUVD-2012-1517

Malware in sbrugna...

EUVD-2025-23631

Malicious code in bioql PyPI...

OESA-2025-2039 openjpeg2 security update

OpenJPEG is an open-source JPEG 2000 codec written in C language. It has been developed in order to promote the use of JPEG 2000, a still-image compression standard from the Joint Photographic Experts Group JPEG. Since April 2015, it is officially recognized by ISO/IEC and ITU-T as a JPEG 2000...

CVE-2025-54874 OpenJPEG allows OOB heap memory write in opj_jp2_read_header

OpenJPEG is an open-source JPEG 2000 codec. In OpenJPEG from 2.5.1 through 2.5.3, a call to opjjp2readheader may lead to OOB heap memory write when the data stream pstream is too short and pimage is not initialized...

CVE-2025-54874

OpenJPEG (JPEG 2000 codec) contains a vulnerability CVE-2025-54874: in OpenJPEG 2.5.1–2.5.3, a call to opj_jp2_read_header may cause an out-of-bounds heap write when the data stream is too short and p_image is not initialized. This is referenced across multiple security advisories and vendors (Ub...

CVE-2025-54874

OpenJPEG is an open-source JPEG 2000 codec. In OpenJPEG from 2.5.1 through 2.5.3, a call to opjjp2readheader may lead to OOB heap memory write when the data stream pstream is too short and pimage is not initialized...

CVE-2025-54874

OpenJPEG is an open-source JPEG 2000 codec. In OpenJPEG from 2.5.1 through 2.5.3, a call to opjjp2readheader may lead to OOB heap memory write when the data stream pstream is too short and pimage is not initialized...

CVE-2025-54874 OpenJPEG allows OOB heap memory write in opj_jp2_read_header

OpenJPEG is an open-source JPEG 2000 codec. In OpenJPEG from 2.5.1 through 2.5.3, a call to opjjp2readheader may lead to OOB heap memory write when the data stream pstream is too short and pimage is not initialized...

PT-2025-31936

Name of the Vulnerable Software and Affected Versions: OpenJPEG versions 2.5.3 and earlier Description: OpenJPEG is an open-source JPEG 2000 codec. A call to the opj jp2 read header function may lead to an out-of-bounds heap memory write when the data stream p stream is too short and p image is n...

USN-4497-1: OpenJPEG vulnerabilities

It was discovered that OpenJPEG incorrectly handled certain image files. A remote attacker could possibly use this issue to cause a denial of service. CVE-2016-9112 It was discovered that OpenJPEG did not properly handle certain input. If OpenJPEG were supplied with specially crafted input, it...

[SECURITY] Fedora 30 Update: openjpeg2-2.3.1-4.fc30

The OpenJPEG library is an open-source JPEG 2000 library developed in order to promote the use of JPEG 2000. This package contains JPEG 2000 codec compliant with the Part 1 of the standard Class-1 Profil e-1 compliance. JP2 JPEG 2000 standard Part 2 - Handling of JP2 boxes and extended multi ple...

JasPer Null Pointer Dereference Vulnerability (CNVD-2019-00809)

JasPer is a Canadian software developer Michael Adams developed a JPEG-2000 codec / decoder open source implementation . A null pointer dereference vulnerability exists in the 'jp2decode' function in the libjasper/jp2/jp2dec.c file in version 2.0.14 of JasPer, which can be exploited by an attacke...

[SECURITY] [DLA 1579-1] openjpeg2 security update

Package : openjpeg2 Version : 2.1.0-2+deb8u5 CVE ID : CVE-2017-17480 CVE-2018-18088 Multiple vulnerabilities have been discovered in openjpeg2, the open-source JPEG 2000 codec. CVE-2017-17480 Write stack buffer overflow due to missing buffer length formatter in fscanf call jp3d and jpwl codecs...

JasPer Null Pointer Dereference Vulnerability

JasPer is a Canadian software developer Michael Adams developed an open source implementation of the JPEG-2000 codec. A null pointer dereference vulnerability exists in the 'rasputdatastd' function in the ras/rasenc.c file in JasPer version 2.0.14, which can be exploited by an attacker to cause a...

CVE-2017-16387

An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability occurs as a result of a computation that reads data that is past the end of the...

[SECURITY] Fedora 27 Update: openjpeg2-2.2.0-3.fc27

The OpenJPEG library is an open-source JPEG 2000 library developed in order to promote the use of JPEG 2000. This package contains JPEG 2000 codec compliant with the Part 1 of the standard Class-1 Profil e-1 compliance. JP2 JPEG 2000 standard Part 2 - Handling of JP2 boxes and extended multi ple...

jasper: heap-based buffer overflow in QMFB code in JPC codec

A heap-buffer overflow vulnerability was found in QMFB code in JPC codec caused by buffer being allocated with too small size. jasper versions before 2.0.0 are affected...

JasPer Denial of Service Vulnerability (CNVD-2017-01029)

JasPer is a Canadian software developer Michael Adams developed an open source implementation of the JPEG-2000 codec. A denial of service vulnerability exists in JasPer. An attacker could exploit this vulnerability to crash the application, resulting in a denial of service...

JasPer Denial of Service Vulnerability (CNVD-2016-11403)

JasPer is an open source implementation of the JPEG-2000 codec . JasPer suffers from a denial of service vulnerability that can be exploited by an attacker to cause a denial of service...

JasPer Null Pointer Backreference Vulnerability

JasPer is a Canadian software developer Michael Adams developed an open source implementation of the JPEG-2000 codec. JasPer bmpdec.c:394:5 contains a null pointer back-reference vulnerability that can be exploited by an attacker to crash an application and deny service to a legitimate user...