NIXPKGS-2025-0005

published on 17 Sep 2025

Permalink CVE-2023-39327

updated 4 months, 2 weeks ago by @Erethon Activity log

Created automatic suggestion 5 months, 4 weeks ago
@Erethon accepted 4 months, 2 weeks ago
@Erethon published on GitHub 4 months, 2 weeks ago

Openjpeg: malicious files can cause the program to enter a large loop

A flaw was found in OpenJPEG. Maliciously constructed pictures can cause the program to enter a large loop and continuously print warning messages on the terminal.

Affected products

openjpeg

==2.5.0

openjpeg2

gimp:flatpak/openjpeg2

inkscape:flatpak/openjpeg2

libreoffice:flatpak/openjpeg2

Matching in nixpkgs

pkgs.openjpeg

Open-source JPEG 2000 codec written in C language

nixos-unstable 2.5.2
- nixpkgs-unstable 2.5.2
- nixos-unstable-small 2.5.2
nixos-25.05 -
- nixos-25.05-small 2.5.2

pkgs.python311Packages.pylibjpeg-openjpeg

A J2K and JP2 plugin for pylibjpeg

nixos-unstable 2.3.0
- nixpkgs-unstable 2.3.0
- nixos-unstable-small 2.3.0

pkgs.python312Packages.pylibjpeg-openjpeg

A J2K and JP2 plugin for pylibjpeg

nixos-unstable 2.4.0
- nixpkgs-unstable 2.4.0
- nixos-unstable-small 2.4.0
nixos-25.05 -
- nixos-25.05-small 2.4.0

pkgs.python313Packages.pylibjpeg-openjpeg

A J2K and JP2 plugin for pylibjpeg

nixos-unstable 2.4.0
- nixpkgs-unstable 2.4.0
- nixos-unstable-small 2.4.0
nixos-25.05 -
- nixos-25.05-small 2.4.0

Package maintainers

@codyopel Cody Opel <codyopel@gmail.com>
@bcdarwin Ben Darwin <bcdarwin@gmail.com>

Nixpkgs Security Tracker

Details of issue NIXPKGS-2025-0005

Affected products

Matching in nixpkgs

pkgs.openjpeg

pkgs.python311Packages.pylibjpeg-openjpeg

pkgs.python312Packages.pylibjpeg-openjpeg

pkgs.python313Packages.pylibjpeg-openjpeg

Package maintainers