{"schema_version":"1.7.2","id":"OESA-2026-1959","modified":"2026-04-17T13:02:24Z","published":"2026-04-17T13:02:24Z","upstream":["CVE-2026-6192"],"summary":"openjpeg2 security update","details":"OpenJPEG is an open-source JPEG 2000 codec written in C language. It has been developed in order to promote the use of JPEG 2000, a still-image compression standard from the Joint Photographic Experts Group (JPEG). Since April 2015, it is officially recognized by ISO/IEC and ITU-T as a JPEG 2000 Reference Software.\r\n\r\nSecurity Fix(es):\n\nA vulnerability was identified in uclouvain openjpeg up to 2.5.4. This impacts the function opj_pi_initialise_encode in the library src/lib/openjp2/pi.c. The manipulation leads to integer overflow. The attack must be carried out locally. The exploit is publicly available and might be used. The identifier of the patch is 839936aa33eb8899bbbd80fda02796bb65068951. It is suggested to install a patch to address this issue.(CVE-2026-6192)","affected":[{"package":{"ecosystem":"openEuler:24.03-LTS-SP3","name":"openjpeg2","purl":"pkg:rpm/openEuler/openjpeg2&distro=openEuler-24.03-LTS-SP3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.5.0-9.oe2403sp3"}]}],"ecosystem_specific":{"aarch64":["openjpeg2-2.5.0-9.oe2403sp3.aarch64.rpm","openjpeg2-debuginfo-2.5.0-9.oe2403sp3.aarch64.rpm","openjpeg2-debugsource-2.5.0-9.oe2403sp3.aarch64.rpm","openjpeg2-devel-2.5.0-9.oe2403sp3.aarch64.rpm","openjpeg2-tools-2.5.0-9.oe2403sp3.aarch64.rpm"],"noarch":["openjpeg2-help-2.5.0-9.oe2403sp3.noarch.rpm"],"src":["openjpeg2-2.5.0-9.oe2403sp3.src.rpm"],"x86_64":["openjpeg2-2.5.0-9.oe2403sp3.x86_64.rpm","openjpeg2-debuginfo-2.5.0-9.oe2403sp3.x86_64.rpm","openjpeg2-debugsource-2.5.0-9.oe2403sp3.x86_64.rpm","openjpeg2-devel-2.5.0-9.oe2403sp3.x86_64.rpm","openjpeg2-tools-2.5.0-9.oe2403sp3.x86_64.rpm"]}}],"references":[{"type":"ADVISORY","url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1959"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-6192"}],"database_specific":{"severity":"Low"}}