pkg:Alpine/openjpeg

All known vulnerabilities

• CRITICAL9.8CVE-2025-54874OpenJPEG is an open-source JPEG 2000 codec.
  from 0, < 2.5.3-r1
• CRITICAL9.8CVE-2017-17480openjpeg2 - security update
  from 0, < 2.3.0-r1
• HIGH8.8CVE-2020-8112openjpeg2 - security update
  from 0, < 2.3.1-r3
• HIGH8.8CVE-2018-21010openjpeg2 - security update
  from 0, < 2.3.0-r3
• HIGH8.8CVE-2016-9580An integer overflow vulnerability was found in tiftoimage function in openjpeg 2.1.2, resulting in heap buffer overflow.
  from 0, < 2.1.2-r1
• HIGH8.8CVE-2016-9581An infinite loop vulnerability in tiftoimage that results in heap buffer overflow in convert_32s_C1P1 was found in openjpeg 2.1.2.
  from 0, < 2.1.2-r1
• HIGH8.8CVE-2017-14164A size-validation issue was discovered in opj_j2k_write_sot in lib/openjp2/j2k.c in OpenJPEG 2.2.0.
  from 0, < 2.2.0-r2
• HIGH8.8CVE-2017-14152A mishandled zero case was discovered in opj_j2k_set_cinema_parameters in lib/openjp2/j2k.c in OpenJPEG 2.2.0.
  from 0, < 2.2.0-r2
• HIGH8.8CVE-2017-14151An off-by-one error was discovered in opj_tcd_code_block_enc_allocate_data in lib/openjp2/tcd.c in OpenJPEG 2.2.0.
  from 0, < 2.2.0-r2
• HIGH8.8CVE-2017-14041A stack-based buffer overflow was discovered in the pgxtoimage function in bin/jp2/convert.c in OpenJPEG 2.2.0.
  from 0, < 2.2.0-r2
• HIGH8.8CVE-2017-14040An invalid write access was discovered in bin/jp2/convert.c in OpenJPEG 2.2.0, triggering a crash in the tgatoimage function.
  from 0, < 2.2.0-r2
• HIGH8.8CVE-2017-14039A heap-based buffer overflow was discovered in the opj_t2_encode_packet function in lib/openjp2/t2.c in OpenJPEG 2.2.0.
  from 0, < 2.3.0-r0
• HIGH7.8CVE-2021-3575openjpeg2 - security update
  from 0, < 2.5.0-r0
• HIGH7.8CVE-2020-27823A flaw was found in OpenJPEG’s encoder.
  from 0, < 2.3.1-r5
• HIGH7.8CVE-2020-27814openjpeg2 - security update
  from 0, < 2.3.1-r5
• HIGH7.8CVE-2020-27844A flaw was found in openjpeg's src/lib/openjp2/t2.c in versions prior to 2.4.0.
  from 0, < 2.4.0-r0
• HIGH7.5CVE-2020-6851openjpeg2 - security update
  from 0, < 2.3.1-r3
• HIGH7.5CVE-2018-14423openjpeg2 - security update
  from 0, < 2.3.0-r2
• MEDIUM6.5CVE-2025-50952openjpeg2 - security update
  from 0, < 2.5.3-r0
• MEDIUM6.5CVE-2020-15389openjpeg2 - security update
  from 0, < 2.3.1-r4
• MEDIUM6.5CVE-2018-18088OpenJPEG 2.3.0 has a NULL pointer dereference for "red" in the imagetopnm function of jp2/convert.c
  from 0, < 2.3.0-r1
• MEDIUM6.5CVE-2018-5785In OpenJPEG 2.3.0, there is an integer overflow caused by an out-of-bounds left shift in the opj_j2k_setup_encoder function (openjp2/j2k.c).
  from 0, < 2.3.0-r3
• MEDIUM5.5CVE-2022-1122A flaw was found in the opj2_decompress program in openjpeg2 2.4.0 in the way it handles an input directory with a large number of files.
  from 0, < 2.5.0-r0
• MEDIUM5.5CVE-2020-27824A flaw was found in OpenJPEG’s encoder in the opj_dwt_calc_explicit_stepsizes() function.
  from 0, < 2.3.1-r5
• MEDIUM5.5CVE-2021-29338openjpeg2 - security update
  from 0, < 2.4.0-r1
• MEDIUM5.5CVE-2019-12973openjpeg2 - security update
  from 0, < 2.3.1-r4
• MEDIUM5.5CVE-2018-6616In OpenJPEG 2.3.0, there is excessive iteration in the opj_t1_encode_cblks function of openjp2/t1.c.
  from 0, < 2.3.0-r2
• MEDIUM5.5CVE-2017-12982The bmp_read_info_header function in bin/jp2/convertbmp.c in OpenJPEG 2.2.0 does not reject headers with a zero biBitCount, which allows re…
  from 0, < 2.2.0-r1