Lucene search
K

9 matches found

Tenable Nessus
Tenable Nessus
added 2026/05/29 12:0 a.m.9 views

Fedora 44 : jpegxl (2026-aa2e960a9f)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-aa2e960a9f advisory. Update to version 0.11.2. Resolves CVE-2025-12474 and CVE-2026-1837. Release notes: https://github.com/libjxl/libjxl/releases/tag/v0.11.2 Tenable ha...

8.8CVSS5.9AI score0.00199EPSS
Exploits1References3
OPENSUSE Linux
OPENSUSE Linux
added 2026/03/30 12:0 a.m.3 views

Security update for libjxl (moderate)

openSUSE Security Update: Security update for libjxl Announcement ID: openSUSE-SU-2026:0107-1 Rating: moderate References: 1258090 Cross-References: CVE-2025-12474 CVSS scores: CVE-2025-12474 SUSE: 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N Affected Products: openSUSE...

6.9CVSS5.9AI score0.00101EPSS
Exploits0References1
OSV
OSV
added 2026/03/18 10:13 a.m.0 views

OPENSUSE-SU-2026:20385-1 Security update for libjxl

This update for libjxl fixes the following issues: Update to libjxl 0.11.2: - CVE-2025-12474: a specially crafted file can cause the decoder to read pixel data from uninitialized allocated memory bsc1258090. - CVE-2026-1837: a specially crafted file can cause the decoder to write pixel data to...

8.8CVSS5.9AI score0.00199EPSS
Exploits1References4
Amazon
Amazon
added 2026/03/06 12:0 a.m.5 views

Important: firefox

Issue Overview: A specially-crafted file can cause libjxl's decoder to read pixel data from uninitialized but allocated memory. This can be done by causing the decoder to reference an outside-image-bound area in a subsequent patches. An incorrect optimization causes the decoder to omit populating...

8.8CVSS6.2AI score0.006EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2026/03/06 12:0 a.m.15 views

Amazon Linux 2023 : firefox (ALAS2023-2026-1469)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1469 advisory. A specially-crafted file can cause libjxl's decoder to read pixel data from uninitialized but allocated memory. This can be done by causing the decoder to reference an outside-image-bound area...

8.8CVSS6.1AI score0.006EPSS
Exploits1References8
Tenable Nessus
Tenable Nessus
added 2026/03/06 12:0 a.m.14 views

Amazon Linux 2 : thunderbird, --advisory ALAS2-2026-3190 (ALAS-2026-3190)

The version of thunderbird installed on the remote host is prior to 140.7.2-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3190 advisory. A specially-crafted file can cause libjxl's decoder to read pixel data from uninitialized but allocated memory. This...

8.8CVSS6.1AI score0.006EPSS
Exploits1References8
Amazon
Amazon
added 2026/03/05 12:0 a.m.6 views

Important: jpegxl

Issue Overview: A specially-crafted file can cause libjxl's decoder to read pixel data from uninitialized but allocated memory. This can be done by causing the decoder to reference an outside-image-bound area in a subsequent patches. An incorrect optimization causes the decoder to omit populating...

8.7CVSS5.8AI score0.00199EPSS
Exploits1
CVE
CVE
added 2026/02/11 3:27 p.m.54 views

CVE-2025-12474

The CVE describes a vulnerability in libjxl where a specially crafted file can cause the decoder to read pixel data from uninitialized memory, due to referencing an outside-image-bound area in later patches and an optimization that omits populating those areas. Several connected advisories confir...

4.4CVSS5.5AI score0.00101EPSS
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/02/11 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2025-12474

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A specially-crafted file can cause libjxl's decoder to read pixel data from uninitialized but allocated memory. This can be done by causing the decoder to...

4.4CVSS5.4AI score0.00101EPSS
Exploits0References4
Rows per page
Query Builder