{"id":"MGASA-2014-0182","summary":"Updated openjpeg packages fix security vulnerability","details":"Updated openjpeg packages fix security vulnerability:\n\nA heap-based buffer overflow was found in the way openjpeg parsed certain\nimage files from a JPEG2000 image. If a specially-crafted image were \nopened by an application linked against OpenJPEG, it could cause the\napplication to crash or, potentially, execute arbitrary code with the\nprivileges of the user running the application (CVE-2014-0158).\n","modified":"2026-04-16T06:23:01.414738725Z","published":"2014-04-17T20:33:54Z","upstream":["CVE-2014-0158"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2014-0182.html"},{"type":"WEB","url":"https://lists.fedoraproject.org/pipermail/package-announce/2014-April/131474.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=13218"}],"affected":[{"package":{"name":"openjpeg","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/openjpeg?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.5.1-3.2.mga3"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2014-0182.json"}},{"package":{"name":"openjpeg","ecosystem":"Mageia:4","purl":"pkg:rpm/mageia/openjpeg?arch=source&distro=mageia-4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.5.1-4.1.mga4"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2014-0182.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}