| Package | openjpeg2 |
|---|---|
| Version | 2.3.0-2+deb10u5 (buster) |
| Related CVEs | CVE-2026-6192 |
A vulnerability was identified in uclouvain. This impacts the function opj_pi_initialise_encode in the library src/lib/openjp2/pi.c. The manipulation leads to integer overflow. The attack must be carried out locally.
For Debian 10 buster, these problems have been fixed in version 2.3.0-2+deb10u5.
We recommend that you upgrade your openjpeg2 packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.