
10 matches found

Tenable Nessus
added 2026/05/29 12:0 a.m. | 10 views

Fedora 44 : jpegxl (2026-aa2e960a9f)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-aa2e960a9f advisory. Update to version 0.11.2. Resolves CVE-2025-12474 and CVE-2026-1837. Release notes: https://github.com/libjxl/libjxl/releases/tag/v0.11.2 Tenable ha...

CVSS 8.8 | AI score 5.9 | EPSS 0.00199
Exploits: 1 | References: 3

Circl
added 2026/05/12 10:21 a.m. | 6 views

CVE-2026-1837

creationtimestamp | type | source
---|---|---
2026-05-12 10:21:51+00:00 | seen | https://www.thezdi.com/blog/2026/5/12/the-apple-macos-security-update-review
2026-05-12 18:00:00+00:00 | seen | https://www.hkcert.org/security-bulletin/apple-products-multiple-vulnerabilities20260513
2026-05-26...

CVSS 8.8 | AI score 5.3 | EPSS 0.00199
Exploits: 1 | References: 4

OSV
added 2026/03/18 10:13 a.m. | 1 views

OPENSUSE-SU-2026:20385-1 Security update for libjxl

This update for libjxl fixes the following issues:

Update to libjxl 0.11.2:
- CVE-2025-12474: a specially crafted file can cause the decoder to read pixel data from uninitialized allocated memory bsc1258090.
- CVE-2026-1837: a specially crafted file can cause the decoder to write pixel data to...

CVSS 8.8 | AI score 5.9 | EPSS 0.00199
Exploits: 1 | References: 4

Amazon
added 2026/03/06 12:0 a.m. | 6 views

Important: firefox

Issue Overview: A specially-crafted file can cause libjxl's decoder to read pixel data from uninitialized but allocated memory. This can be done by causing the decoder to reference an outside-image-bound area in subsequent patches. An incorrect optimization causes the decoder to omit populating...

CVSS 8.8 | AI score 6.2 | EPSS 0.006
Exploits: 1

Tenable Nessus
added 2026/03/06 12:0 a.m. | 15 views

Amazon Linux 2023 : firefox (ALAS2023-2026-1469)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1469 advisory. A specially-crafted file can cause libjxl's decoder to read pixel data from uninitialized but allocated memory. This can be done by causing the decoder to reference an outside-image-bound area...

CVSS 8.8 | AI score 6.1 | EPSS 0.006
Exploits: 1 | References: 8

Tenable Nessus
added 2026/03/06 12:0 a.m. | 15 views

Amazon Linux 2 : thunderbird, --advisory ALAS2-2026-3190 (ALAS-2026-3190)

The version of thunderbird installed on the remote host is prior to 140.7.2-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3190 advisory. A specially-crafted file can cause libjxl's decoder to read pixel data from uninitialized but allocated memory. This...

CVSS 8.8 | AI score 6.1 | EPSS 0.006
Exploits: 1 | References: 8

Amazon
added 2026/03/05 12:0 a.m. | 6 views

Important: jpegxl

Issue Overview: A specially-crafted file can cause libjxl's decoder to read pixel data from uninitialized but allocated memory. This can be done by causing the decoder to reference an outside-image-bound area in subsequent patches. An incorrect optimization causes the decoder to omit populating...

CVSS 8.7 | AI score 5.8 | EPSS 0.00199
Exploits: 1

OPENSUSE Linux
added 2026/02/28 12:0 a.m. | 7 views

libjxl-devel-0.11.2-1.1 on GA media (moderate)

libjxl-devel-0.11.2-1.1 on GA media
Announcement ID: openSUSE-SU-2026:10271-1
Rating: moderate
Cross-References: CVE-2026-1837
CVSS scores:
CVE-2026-1837 SUSE : 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2026-1837 SUSE : 9.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:...

CVSS 9.2 | AI score 6 | EPSS 0.00199
Exploits: 1

Debian CVE
added 2026/02/11 3:19 p.m. | 5 views

CVE-2026-1837

A specially-crafted file can cause libjxl's decoder to write pixel data to uninitialized unallocated memory. Soon after that data from another uninitialized unallocated region is copied to pixel data. This can be done by requesting color transformation of grayscale images to another grayscale col...

CVSS 8.8 | AI score 5.2 | EPSS 0.00199
Exploits: 1

Tenable Nessus
added 2026/02/11 12:0 a.m. | 3 views

Linux Distros Unpatched Vulnerability : CVE-2026-1837

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A specially-crafted file can cause libjxl's decoder to write pixel data to uninitialized unallocated memory. Soon after that data from another uninitialized...

CVSS 8.7 | AI score 5.8 | EPSS 0.00199
Exploits: 1 | References: 2