A vulnerability, which was classified as critical, has been found in uclouvain openjpeg up to 2.5.3. Affected by this issue is the function opj_jp2_read_header. The manipulation leads to use of uninitialized variable.

This vulnerability is handled as CVE-2025-54874. The attack may be launched remotely. There is no exploit available.

It is recommended to apply a patch to fix this issue.