VDB
CVE-2025-54874
CVE-2025-54874
PUBLISHED
CVSS 9.300000190734863 CRITICAL
Die OpenJPEG Bibliothek ist ein in C geschriebener Open Source JPEG 2000 Codec.
EPSS 0.33% · 55.7th percentile
Risk Scores
CVSS v4.0
9.300000190734863
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
EPSS Score
0.33%
55.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Fedora | Fedora Linux | |
| SUSE | SUSE openSUSE | |
| Ubuntu | Ubuntu Linux | |
| Oracle | Oracle Linux | |
| Red Hat | Red Hat Enterprise Linux | |
| Open Source | Open Source OpenJPEG <=2.5.3 |
Timeline
- Jan 21, 1970 Security Advisory
- Aug 5, 2025 Coalition ESS Score
- Aug 5, 2025 Coalition ESS Score
- Aug 5, 2025 CVE Published
- Aug 6, 2025 EPSS Score
- Aug 14, 2025 EPSS Score
- Aug 22, 2025 Coalition ESS Score
- Aug 23, 2025 EPSS Score
- Aug 26, 2025 Coalition ESS Score
- Aug 31, 2025 EPSS Score
- Sep 9, 2025 EPSS Score
- Sep 12, 2025 Coalition ESS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-1722.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1722 advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2386543 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2025-54874 advisory
- https://access.redhat.com/security/cve/CVE-2025-54874 advisory
- https://github.com/uclouvain/openjpeg/commit/f809b80c67717c152a5ad30bf06774f00da4fd2d advisory
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/I3NHBTHTNGHBLKOX7BCCWOUGVWNPHG7K/ advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-2025-4588dcd9ee advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-2025-8355fbd790 advisory
- https://access.redhat.com/errata/RHSA-2025:13944 advisory
- https://linux.oracle.com/errata/ELSA-2025-13944.html advisory
- https://ubuntu.com/security/notices/USN-7757-1 advisory
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/E7F2HA2SRGDQDCLGGH6GGSNS5FICMCLF/ advisory