CVE-2025-54874
EUVD-2025-2363105.08.2025, 15:15
OpenJPEG is an open-source JPEG 2000 codec. In OpenJPEG from 2.5.1 through 2.5.3, a call to opj_jp2_read_header may lead to OOB heap memory write when the data stream p_stream is too short and p_image is not initialized.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| uclouvain | openjpeg | 𝑥 ≤ 2.5.3 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
Ubuntu Product | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| insighttoolkit4 |
| ||||||||||||||
| qtwebengine-opensource-src |
| ||||||||||||||
| blender |
| ||||||||||||||
| texmaker |
| ||||||||||||||
| ghostscript |
| ||||||||||||||
| openjpeg |
| ||||||||||||||
| openjpeg2 |
|
Common Weakness Enumeration