17 matches found

Ubuntu
added 5 days ago, 4 views

USN-8397-1: libjxl vulnerability

It was discovered that libjxl did not properly handle certain crafted PBM images. An attacker could possibly use this issue to cause libjxl to crash, resulting in a denial of service, or execute arbitrary code...

CVSS 7.3 · AI score 5.8 · EPSS 0.00055
Exploits: 0
AstraLinux
added 2025/11/01 10:54 a.m., 2 views

Astra Linux - vulnerability in jpeg-xl

There exists an out of bounds read/write in LibJXL versions prior to commit 9cc451b91b74ba470fd72bd48c121e9f33d24c99. The JPEG decoder used by the JPEG XL encoder when doing JPEG recompression i.e. if using JxlEncoderAddJPEGFrame on untrusted input does not properly check bounds in the presence o...

CVSS 9.8 · AI score 7.1 · EPSS 0.00082
Exploits: 0 · References: 3
EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2021-23286

Malware in sbrugna...

CVSS 7.5 · AI score 7.5 · EPSS 0.00303
Exploits: 1 · References: 2
EUVD
added 2025/10/03 8:7 p.m., 3 views

EUVD-2023-12679

Malicious code in bioql PyPI...

CVSS 9.1 · AI score 9 · EPSS 0.00172
Exploits: 0 · References: 2
EUVD
added 2025/10/03 8:7 p.m., 3 views

EUVD-2021-32637

Malicious code in bioql PyPI...

CVSS 5.5 · AI score 5.6 · EPSS 0.00124
Exploits: 1 · References: 5
RedhatCVE
added 2025/05/22 9:13 p.m., 5 views

CVE-2021-36691

libjxl v0.5.0 is affected by an Assertion failed issue in lib/jxl/image.cc jxl::PlaneBase::PlaneBase. When encoding a malicious GIF file using cjxl, an attacker can trigger a denial of service...

CVSS 7.5 · AI score 6.8 · EPSS 0.00303
Exploits: 1 · References: 1
RedhatCVE
added 2025/05/22 6:42 p.m., 6 views

CVE-2021-36692

libjxl v0.3.7 is affected by a Divide By Zero issue in lib/extras/codecapng.cc jxl::DecodeImageAPNG. When encoding a malicious APNG file using cjxl, an attacker can trigger a denial of service...

CVSS 6.5 · AI score 6.8 · EPSS 0.00312
Exploits: 1 · References: 1
OSV
added 2024/11/25 2:15 p.m., 8 views

CVE-2024-11403

There exists an out of bounds read/write in LibJXL versions prior to commit 9cc451b91b74ba470fd72bd48c121e9f33d24c99. The JPEG decoder used by the JPEG XL encoder when doing JPEG recompression i.e. if using JxlEncoderAddJPEGFrame on untrusted input does not properly check bounds in the presence o...

CVSS 9.8 · AI score 6.8
Exploits: 0 · References: 1
OSV
added 2024/11/25 2:15 p.m., 10 views

CVE-2024-11498

There exists a stack buffer overflow in libjxl. A specifically-crafted file can cause the JPEG XL decoder to use large amounts of stack space up to 256mb is possible, maybe 512mb, potentially exhausting the stack. An attacker can craft a file that will cause excessive memory usage. We recommend...

CVSS 7.5 · AI score 7
Exploits: 0 · References: 1
CNNVD
added 2024/11/25 12:0 a.m., 1 view

LibJXL security vulnerability

LibJXL is an open-source reference implementation of the JPEG XL encoder and decoder. A security vulnerability exists in LibJXL that stems from improper boundary checking by the JPEG decoder when handling JPEG recompression, which could lead to out-of-bounds writes in the event that...

CVSS 9.8 · AI score 5.5 · EPSS 0.00082
Exploits: 0 · References: 2
Positive Technologies
added 2024/10/03 12:0 a.m., 3 views

PT-2024-9202 · Libjxl +5

Name of the Vulnerable Software and Affected Versions: LibJXL versions prior to commit 9cc451b91b74ba470fd72bd48c121e9f33d24c99 libjpeg affected versions not specified libmozjs-115-0-115.15.0-4.1 libmozjs-128-0-128.5.1-3.1 libjxl-devel-0.11.1-1.1 qt6-webengine Description: An out-of-bounds...

CVSS 9.8 · AI score 5.1 · EPSS 0.00172
Exploits: 0 · References: 71
Positive Technologies
added 2024/10/03 12:0 a.m., 2 views

PT-2024-8851

Name of the Vulnerable Software and Affected Versions libjxl libjxl-devel-0.11.1-1.1 libmozjs-115-0-115.15.0-4.1 libmozjs-128-0-128.5.1-3.1 jpeg-xl affected versions not specified Description A stack buffer overflow exists in the libjxl library's JPEG XL decoder. A specially crafted file can caus...

CVSS 9.8 · AI score 7 · EPSS 0.00172
Exploits: 0 · References: 56
Positive Technologies
added 2023/06/16 12:0 a.m., 2 views

PT-2023-3326 · Libjxl +5

Name of the Vulnerable Software and Affected Versions: libjxl versions prior to 0.8.2 Description: An issue in dec patch dictionary.cc can lead to a denial of service due to an integer underflow in patch decoding, potentially causing an infinite loop. The issue can be exploited by a remote attack...

CVSS 9.8 · AI score 7.3 · EPSS 0.00172
Exploits: 0 · References: 35
Vulnrichment
added 2023/06/16 12:0 a.m., 37 views

CVE-2023-35790

An issue was discovered in decpatchdictionary.cc in libjxl before 0.8.2. An integer underflow in patch decoding can lead to a denial of service, such as an infinite loop...

AI score 6.8 · EPSS 0.00075
Exploits: 0 · References: 2
Positive Technologies
added 2023/04/11 12:0 a.m., 1 view

PT-2023-16422 · Libjxl +3

Name of the Vulnerable Software and Affected Versions: libjxl versions prior to 0.8.1 Description: An out of bounds read exists in libjxl. An attacker using a specifically crafted file could cause an out of bounds read in the exif handler. Recommendations: For versions prior to 0.8.1, we recommen...

CVSS 9.8 · AI score 7.1 · EPSS 0.00172
Exploits: 0 · References: 25
Cvelist
added 2021/08/30 8:14 p.m., 11 views

CVE-2021-36692

libjxl v0.3.7 is affected by a Divide By Zero issue in lib/extras/codecapng.cc jxl::DecodeImageAPNG. When encoding a malicious APNG file using cjxl, an attacker can trigger a denial of service...

AI score 6.6 · EPSS 0.00312
Exploits: 1 · References: 3
Cvelist
added 2021/08/30 7:53 p.m., 9 views

CVE-2021-36691

libjxl v0.5.0 is affected by an Assertion failed issue in lib/jxl/image.cc jxl::PlaneBase::PlaneBase. When encoding a malicious GIF file using cjxl, an attacker can trigger a denial of service...

AI score 7.6 · EPSS 0.00303
Exploits: 1 · References: 1