CVE-2023-39327

CWE-400 โ€” Uncontrolled Resource Consumption9 documents7 sources
Severity
4.3MEDIUM
EPSS
0.0%
top 92.61%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Uclouvain Openjpeg
Timeline
PublishedJul 13
Latest updateJul 8

Description

A flaw was found in OpenJPEG. Maliciously constructed pictures can cause the program to enter a large loop and continuously print warning messages on the terminal.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:LExploitability: 2.8 | Impact: 1.4

Affected Packages2 packages

โ–ถNVDuclouvain/openjpeg2.0, 2.5.0+1
โ–ถUbuntughostscript< 9.55.0~dfsg1-0ubuntu5.12+4

๐Ÿ”ดVulnerability Details

4
OSV
ghostscript vulnerabilitiesโ†—2025-07-08
โ–ถ
GHSA
GHSA-f7p4-6cq7-whmw: A flaw was found in OpenJPEGโ†—2024-07-13
โ–ถ
OSV
CVE-2023-39327: A flaw was found in OpenJPEGโ†—2024-07-13
โ–ถ
CVEList
Openjpeg: malicious files can cause the program to enter a large loopโ†—2024-07-13
โ–ถ

๐Ÿ“‹Vendor Advisories

4
Ubuntu
Ghostscript vulnerabilitiesโ†—2025-07-08
โ–ถ
Ubuntu
OpenJPEG vulnerabilityโ†—2024-09-26
โ–ถ
Red Hat
openjpeg: Malicious files can cause the program to enter a large loopโ†—2024-07-04
โ–ถ
Debian
CVE-2023-39327: openjpeg2 - A flaw was found in OpenJPEG. Maliciously constructed pictures can cause the pro...โ†—2023
โ–ถ
CVE-2023-39327 (MEDIUM CVSS 4.3) | A flaw was found in OpenJPEG | cvebase.io