/
DirectorySecurity AdvisoriesPricing
Sign inRequest a trial
Security Advisories

CVE-2025-54874

Published

Last updated

NVD

https://nvd.nist.gov/vuln/detail/CVE-2025-54874

Severity

Unknown

Description

OpenJPEG is an open-source JPEG 2000 codec. In OpenJPEG 2.5.3 and earlier, a call to opj_jp2_read_header may lead to OOB heap memory write when the data stream p_stream is too short and p_image is not initialized.

References

  • https://images.chainguard.dev/security/CGA-5c2x-phq4-5wpc
  • https://securitylab.github.com/advisories/GHSL-2025-057_OpenCV
  • https://github.com/uclouvain/openjpeg/commit/f809b80c67717c152a5ad30bf06774f00da4fd2d
  • https://github.com/uclouvain/openjpeg/pull/1573
  • https://security-tracker.debian.org/tracker/CVE-2025-54874

Affected packages

Safe Source for Open Sourceâ„¢
Contact us
© 2025 Chainguard. All Rights Reserved.
Private PolicyTerms of Use

Products

Chainguard ContainersChainguard LibrariesChainguard VMs

Why Chainguard

FedRAMPPCICVE RemediationGolden Images

Customers

Customer StoriesChainguard Love

Company

About UsPricingContact UsOpen SourceCareersNewsroomLegalScanner Partners

Resources

Unchained BlogEventsTrust CenterDocumentation