OESA-2026-1959 openjpeg2 security update

OpenJPEG is an open-source JPEG 2000 codec written in C language. It has been developed in order to promote the use of JPEG 2000, a still-image compression standard from the Joint Photographic Experts Group JPEG. Since April 2015, it is officially recognized by ISO/IEC and ITU-T as a JPEG 2000...

AZL-70874 CVE-2025-65018 affecting package openjpeg2 2.3.1-12

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. From version 1.6.0 to before 1.6.51, there is a heap buffer overflow vulnerability in the libpng simplified API function pngimagefinishread when processing...

ROS-20251112-05

Vulnerability in the t2.c component of the OpenJPEG image encoding and decoding library is related to an uncontrolled resource consumption. Exploitation of the vulnerability allows an attacker acting remotely cause a denial of service...

[SECURITY] Fedora 40 Update: openjpeg2-2.5.3-1.fc40

The OpenJPEG library is an open-source JPEG 2000 library developed in order to promote the use of JPEG 2000. This package contains JPEG 2000 codec compliant with the Part 1 of the standard Class-1 Profile-1 compliance. JP2 JPEG 2000 standard Part 2 - Handling of JP2 boxes and extended multiple...

[SECURITY] Fedora 35 Update: openjpeg2-2.4.0-5.fc35

The OpenJPEG library is an open-source JPEG 2000 library developed in order to promote the use of JPEG 2000. This package contains JPEG 2000 codec compliant with the Part 1 of the standard Class-1 Profile-1 compliance. JP2 JPEG 2000 standard Part 2 - Handling of JP2 boxes and extended multiple...

UBUNTU-CVE-2022-1122

A flaw was found in the opj2decompress program in openjpeg2 2.4.0 in the way it handles an input directory with a large number of files. When it fails to allocate a buffer to store the filenames of the input directory, it calls free on an uninitialized pointer, leading to a segmentation fault and...

AZL-44088 CVE-2022-0562 affecting package openjpeg2 2.3.1-12

Null source pointer passed as an argument to memcpy function within TIFFReadDirectory in tifdirread.c in libtiff versions from 4.0 to 4.3.0 could lead to Denial of Service via crafted TIFF file. For users that compile libtiff from sources, a fix is available with commit 561599c...

The vulnerability of the OpenJPEG library for image encoding and decoding, related to reading data beyond the buffer’s acceptable limits, allows attackers to cause service failures.

The vulnerability of the OpenJPEG library for image encoding and decoding is related to reading data beyond the allowed buffer limits. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

Moderate: openjpeg2 security update

OpenJPEG is an open source library for reading and writing image files in JPEG2000 format. The following packages have been upgraded to a later upstream version: openjpeg2 2.4.0. Security Fixes: openjpeg: use-after-free and double-free via a mix of valid and invalid files in a directory operated ...

The vulnerability of the opj_dwt_calc_explicit_stepsizes() function in the OpenJPEG image encoding and decoding library lies in the lack of a mechanism to verify the size of the copied data. This allows an attacker to trigger a service failure.

The vulnerability of the opjdwtcalcexplicitstepsizes function in the OpenJPEG image encoding and decoding library is related to the lack of a mechanism for checking the size of copied data. Exploiting this vulnerability allows an attacker to trigger a service failure remotely...

[SECURITY] Fedora 34 Update: openjpeg2-2.4.0-3.fc34

The OpenJPEG library is an open-source JPEG 2000 library developed in order to promote the use of JPEG 2000. This package contains JPEG 2000 codec compliant with the Part 1 of the standard Class-1 Profil e-1 compliance. JP2 JPEG 2000 standard Part 2 - Handling of JP2 boxes and extended multi ple...

The vulnerability of the OpenJPEG library for image encoding and decoding, related to the lack of zero-division checking, allows attackers to trigger a service failure.

The vulnerability of the OpenJPEG library for image encoding and decoding is related to division by zero. Exploiting this vulnerability allows a remote attacker to cause a service failure...

Fedora: Security Advisory for openjpeg2 (FEDORA-2020-d32853a28d)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

AZL-45006 CVE-2020-27841 affecting package openjpeg2 for versions less than 2.3.1-12

There's a flaw in openjpeg in versions prior to 2.4.0 in src/lib/openjp2/pi.c. When an attacker is able to provide crafted input to be processed by the openjpeg encoder, this could cause an out-of-bounds read. The greatest impact from this flaw is to application availability...

PT-2020-6194 · Openjpeg +9 · Openjpeg +9

Name of the Vulnerable Software and Affected Versions: openjpeg versions prior to 2.4.0 Description: The issue is related to an out-of-bounds read in the src/lib/openjp2/pi.c component of the openjpeg library. This occurs when an attacker provides untrusted input to openjpeg's conversion or...

The vulnerability of the opj_t1_clbl_decode_processor function in the OpenJPEG image encoding and decoding library allows a attacker to cause a service failure.

The vulnerability of the opjt1clbldecodeprocessor function in the OpenJPEG image encoding and decoding library is related to the output of the operation outside of the buffer in memory. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

The vulnerability of the opj_t1_clbl_decode_processor function (openjp2/t1.c) in the OpenJPEG image encoding and decoding library, which allows a hacker to trigger a service failure.

The vulnerability of the opjt1clbldecodeprocessor function in the OpenJPEG image encoding and decoding library is related to writing beyond the buffer memory boundaries. Exploiting this vulnerability could allow a malicious actor to cause service interruptions remotely...

[SECURITY] Fedora 31 Update: openjpeg2-2.3.1-6.fc31

The OpenJPEG library is an open-source JPEG 2000 library developed in order to promote the use of JPEG 2000. This package contains JPEG 2000 codec compliant with the Part 1 of the standard Class-1 Profil e-1 compliance. JP2 JPEG 2000 standard Part 2 - Handling of JP2 boxes and extended multi ple...

openjpeg2 security update

CentOS Errata and Security Advisory CESA-2020:0550 An update for openjpeg2 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severi...

Important: Red Hat Security Advisory: openjpeg2 security update

An update for openjpeg2 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...