Unrated severity · OSV Advisory · Published Jul 13, 2024 · Updated Mar 9, 2026
Openjpeg: malicious files can cause the program to enter a large loop
CVE-2023-39327
Description
A flaw was found in OpenJPEG. Maliciously constructed pictures can cause the program to enter a large loop and continuously print warning messages on the terminal.
Affected products
19 total; osv-coords (17 versions):
- pkg:apk/chainguard/openjpeg (no CPE), range: < 2.5.4-r2
- pkg:apk/chainguard/openjpeg-dev (no CPE), range: < 2.5.4-r0
- pkg:apk/chainguard/openjpeg-tools (no CPE), range: < 2.5.4-r0
- pkg:apk/wolfi/openjpeg (no CPE), range: < 2.5.4-r2
- pkg:apk/wolfi/openjpeg-dev (no CPE), range: < 2.5.4-r0
- pkg:apk/wolfi/openjpeg-tools (no CPE), range: < 2.5.4-r0
- pkg:rpm/opensuse/openjpeg2&distro=openSUSE%20Leap%2015.6 (no CPE), range: < 2.3.0-150000.3.24.1
- pkg:rpm/opensuse/openjpeg2&distro=openSUSE%20Leap%2016.0 (no CPE), range: < 2.5.3-160000.3.1
- pkg:rpm/opensuse/openjpeg2&distro=openSUSE%20Tumbleweed (no CPE), range: < 2.5.4-2.1
- pkg:rpm/opensuse/openjpeg&distro=openSUSE%20Leap%2015.6 (no CPE), range: < 1.5.2-150000.4.15.1
- pkg:rpm/suse/openjpeg2&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7 (no CPE), range: < 2.3.0-150000.3.24.1
- pkg:rpm/suse/openjpeg2&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP7 (no CPE), range: < 2.3.0-150000.3.24.1
- pkg:rpm/suse/openjpeg2&distro=SUSE%20Linux%20Enterprise%20Server%2016.0 (no CPE), range: < 2.5.3-160000.3.1
- pkg:rpm/suse/openjpeg2&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20applications%2016.0 (no CPE), range: < 2.5.3-160000.3.1
- pkg:rpm/suse/openjpeg2&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5 (no CPE), range: < 2.1.0-4.27.1
- pkg:rpm/suse/openjpeg&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP6 (no CPE), range: < 1.5.2-150000.4.15.1
- pkg:rpm/suse/openjpeg&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP7 (no CPE), range: < 1.5.2-150000.4.15.1
References
- access.redhat.com/errata/RHSA-2026:4128 (mitre; vendor-advisory; x_refsource_REDHAT)
- access.redhat.com/security/cve/CVE-2023-39327 (mitre; vdb-entry; x_refsource_REDHAT)
- bugzilla.redhat.com/show_bug.cgi (mitre; issue-tracking; x_refsource_REDHAT)