CNNVD-202508-277 Information

Aug 05, 2025 cve

CNNVD ID

CNNVD-202508-277

CVE-2025-54874

CNNVD Published: 2025-08-05

Description (Chinese)

OpenJPEG是Université catholique de Louvain开源的一款基于C语言的开源JPEG2000编码解码器。 OpenJPEG 2.5.3及之前版本存在安全漏洞，该漏洞源于opj_jp2_read_header可能导致堆内存越界写入。

Description (English)

OpenJPEG is an open-source JPEG2000 code decoder for Université catholique de Louvain based on C languages. OpenJPEG 2.5.3 and previous versions contain a security loophole that originates from opj jp2 read header and may result in the transfer of memory across borders.

Hazard Level

Low

Vulnerability Type

其他

Affected Vendor

Université catholique de Louvain

Published

2025-08-05

Last Modified

2026-02-24

References

https://github.com/uclouvain/openjpeg/commit/f809b80c67717c152a5ad30bf06774f00da4fd2d https://github.com/uclouvain/openjpeg/pull/1573 https://securitylab.github.com/advisories/GHSL-2025-057_OpenCV https://access.redhat.com/security/cve/cve-2025-54874 https://www.oracle.com/security-alerts/cpujan2026.html

Share on: