169 matches found
Astra Linux - уязвимость в libpng1.6
LIBPNG is a reference library used in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. Starting from version 1.6.0 until 1.6.51, there was a heap buffer over-read vulnerability in the libpng’s pngwriteimage8bit function when processing 8-bit images...
macOS 26.x < 26.5 Multiple Vulnerabilities (127115)
The remote host is running a version of macOS / Mac OS X that is 26.x prior to 26.5. It is, therefore, affected by multiple vulnerabilities: - A specially-crafted file can cause libjxl's decoder to write pixel data to uninitialized unallocated memory. Soon after that data from another uninitializ...
Astra Linux - уязвимость в grub2
A crafted 16-bit grayscale PNG image may lead to an out-of-bounds write in the heap area. An attacker may exploit this to cause heap data corruption or, ultimately, arbitrary code execution and circumvent secure boot protections. This issue is highly complex to exploit; an attacker needs to perfo...
Amazon Linux 2023 : jxl-pixbuf-loader, libjxl, libjxl-devel (ALAS2023-2026-1459)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1459 advisory. A specially-crafted file can cause libjxl's decoder to read pixel data from uninitialized but allocated memory. This can be done by causing the decoder to reference an outside-image-bound area...
CLSA-2026-1771956748 gimp: Fix of CVE-2025-15059
CVE-2025-15059: fix PSP file loader to validate channel types for grayscale images, preventing invalid memory access from incorrect offset computation...
CLSA-2026-1771956020 gimp: Fix of CVE-2025-15059
CVE-2025-15059: fix PSP file loader to validate channel types for grayscale images, preventing invalid memory access from incorrect offset computation...
SUSE CVE-2026-1837
A specially-crafted file can cause libjxl's decoder to write pixel data to uninitialized unallocated memory. Soon after that data from another uninitialized unallocated region is copied to pixel data. This can be done by requesting color transformation of grayscale images to another grayscale col...
CVE-2026-1837
A specially-crafted file can cause libjxl's decoder to write pixel data to uninitialized unallocated memory. Soon after that data from another uninitialized unallocated region is copied to pixel data. This can be done by requesting color transformation of grayscale images to another grayscale col...
DEBIAN-CVE-2026-1837
A specially-crafted file can cause libjxl's decoder to write pixel data to uninitialized unallocated memory. Soon after that data from another uninitialized unallocated region is copied to pixel data. This can be done by requesting color transformation of grayscale images to another grayscale col...
CVE-2026-1837
A specially-crafted file can cause libjxl's decoder to write pixel data to uninitialized unallocated memory. Soon after that data from another uninitialized unallocated region is copied to pixel data. This can be done by requesting color transformation of grayscale images to another grayscale col...
UBUNTU-CVE-2026-1837
A specially-crafted file can cause libjxl's decoder to write pixel data to uninitialized unallocated memory. Soon after that data from another uninitialized unallocated region is copied to pixel data. This can be done by requesting color transformation of grayscale images to another grayscale col...
CVE-2026-1837
A specially-crafted file can cause libjxl's decoder to write pixel data to uninitialized unallocated memory. Soon after that data from another uninitialized unallocated region is copied to pixel data. This can be done by requesting color transformation of grayscale images to another grayscale col...
CVE-2026-1837
A specially-crafted file can cause libjxl's decoder to write pixel data to uninitialized unallocated memory. Soon after that data from another uninitialized unallocated region is copied to pixel data. This can be done by requesting color transformation of grayscale images to another grayscale col...
CVE-2026-1837
The connected records confirm CVE-2026-1837 affects libjxl’s decoder when LCMS2 is used as the CMS. A specially-crafted file can trigger an out-of-bounds write by transforming grayscale images to another grayscale color space, where buffers allocated for 1-float-per-pixel are treated as 3-float-p...
CVE-2026-1837 libjxl: Out-of-bounds write in grayscale color transformation when using LCMS2
A specially-crafted file can cause libjxl's decoder to write pixel data to uninitialized unallocated memory. Soon after that data from another uninitialized unallocated region is copied to pixel data. This can be done by requesting color transformation of grayscale images to another grayscale col...
CVE-2026-1837
A specially-crafted file can cause libjxl's decoder to write pixel data to uninitialized unallocated memory. Soon after that data from another uninitialized unallocated region is copied to pixel data. This can be done by requesting color transformation of grayscale images to another grayscale col...
CVE-2026-1837 libjxl: Out-of-bounds write in grayscale color transformation when using LCMS2
A specially-crafted file can cause libjxl's decoder to write pixel data to uninitialized unallocated memory. Soon after that data from another uninitialized unallocated region is copied to pixel data. This can be done by requesting color transformation of grayscale images to another grayscale col...
CVE-2026-1837
A specially-crafted file can cause libjxl's decoder to write pixel data to uninitialized unallocated memory. Soon after that data from another uninitialized unallocated region is copied to pixel data. This can be done by requesting color transformation of grayscale images to another grayscale col...
Linux Distros Unpatched Vulnerability : CVE-2026-1837
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A specially-crafted file can cause libjxl's decoder to write pixel data to uninitialized unallocated memory. Soon after that data from another uninitialized...
PT-2026-7615
Name of the Vulnerable Software and Affected Versions libjxl affected versions not specified Description A crafted file can lead to libjxl's decoder writing pixel data to uninitialized and unallocated memory. Subsequently, data from another uninitialized region is copied to pixel data. This occur...