CVE-2025-71319 image-size < 1.2.1, 2.0.2 - Denial of Service via Infinite Loop in findBox Function

image-size 1.1.0 before 1.2.1 and 2.0.0 before 2.0.2 contain a denial of service vulnerability in the findBox function when processing specially crafted images with zero-sized boxes. Remote attackers can cause application hang by supplying malicious JXL, HEIF, or JP2 image files with box size zer...