| Package | openjpeg2 |
|---|---|
| Version | 2.3.0-2+deb10u3 (buster) |
| Related CVEs | CVE-2021-3575 CVE-2021-29338 CVE-2022-1122 CVE-2024-56826 CVE-2024-56827 |
Several security vulnerabilities have been discovered in openjpeg2, a JPEG 2000 image library. Processing of maliciously crafted image files may trigger heap-based buffer overflows which may lead to an application crash or other undefined behavior.
For Debian 10 buster, these problems have been fixed in version 2.3.0-2+deb10u3.
We recommend that you upgrade your openjpeg2 packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.