Details of issue NIXPKGS-2025-0016

affected

created 26 Sep 2025

NIXPKGS-2025-0016

A flaw was found in OpenJPEG. A resource exhaustion can occur in the opj_t1_decode_cblks function in tcd.c through a crafted image file, causing a denial of service.

Vulnerabilities

CVE-2023-39329

Related packages

pkgs.openjpeg

Open-source JPEG 2000 codec written in C language

nixos-25.05 2.5.2
- nixpkgs-25.05-darwin 2.5.2
- nixos-25.05-small 2.5.2
nixos-unstable 2.5.2
- nixos-unstable-small 2.5.2
- nixpkgs-unstable 2.5.2

pkgs.python311Packages.pylibjpeg-openjpeg

A J2K and JP2 plugin for pylibjpeg

nixos-unstable 2.3.0
- nixos-unstable-small 2.3.0
- nixpkgs-unstable 2.3.0

pkgs.python312Packages.pylibjpeg-openjpeg

A J2K and JP2 plugin for pylibjpeg

nixos-25.05 2.4.0
- nixpkgs-25.05-darwin 2.4.0
- nixos-25.05-small 2.4.0
nixos-unstable 2.4.0
- nixos-unstable-small 2.4.0
- nixpkgs-unstable 2.4.0

pkgs.python313Packages.pylibjpeg-openjpeg

A J2K and JP2 plugin for pylibjpeg

nixos-25.05 2.4.0
- nixpkgs-25.05-darwin 2.4.0
- nixos-25.05-small 2.4.0
nixos-unstable 2.4.0
- nixos-unstable-small 2.4.0
- nixpkgs-unstable 2.4.0

pkgs.python312Packages.pylibjpeg-openjpeg.x86_64-linux

A J2K and JP2 plugin for pylibjpeg

nixos-unstable 2.3.0