216.73.217.80

CVE-2025-54874

· Published 05/08/2025 15:15 · Modified 05/08/2025 21:06

Labels: CVE-2025-54874 2025-08-05CVE-2025-54874CWE-457[email protected]

Essential information

Published
05/08/2025 15:15
Modified
05/08/2025 21:06
Author
Creator
CVSS
6.6 MEDIUM (v3) 6.6 MEDIUM (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

OpenJPEG is an open-source JPEG 2000 codec. In OpenJPEG 2.5.3 and earlier, a call to opj_jp2_read_header may lead to OOB heap memory write when the data stream p_stream is too short and p_image is not initialized.

NVD status

Status
Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
openjpeg / openjpeg cpe:2.3:a:openjpeg:openjpeg:<2.5.3:*:*:*:*:*:*:*

References