MGASA-2025-0012
Advisory lineage Upstream: 2 Downstream: 0
Upstream
Published: 16 Jan 2025, 07:14
Last modified:16 Apr 2026, 04:21
Vulnerability Summary
Overall Risk (default)
minimal
0/100 CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
16 Jan 2025, 07:14
Published
Vulnerability first disclosed
16 Apr 2026, 04:21
Last Modified
Vulnerability information updated
Description
Updated openjpeg2 packages fix security vulnerabilities Heap buffer overflow in bin/common/color.c. (CVE-2024-56826) Heap buffer overflow in lib/openjp2/j2k.c. (CVE-2024-56827)
Affected Systems
- mageia•openjpeg2
< 2.5.0-1.2.mga9
References (4)
- https://advisories.mageia.org/MGASA-2025-0012.html
- https://bugs.mageia.org/show_bug.cgi?id=33905
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AWMGURRKWFOTMCKEBHYWF7HHDJSY7BTR/
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/XKBM37J7PMJ763EKO4IP3FLOLF4U26HW/