EUVD-2022-37033

Malicious code in bioql PyPI...

CVE-2022-34000

libjxl 0.6.1 has an assertion failure in LowMemoryRenderPipeline::Init in renderpipeline/lowmemoryrenderpipeline.cc...

GLSA-202210-36 : libjxl: Denial of Service

The remote host is affected by the vulnerability described in GLSA-202210-36 libjxl: Denial of Service - libjxl 0.6.1 has an assertion failure in LowMemoryRenderPipeline::Init in renderpipeline/lowmemoryrenderpipeline.cc. CVE-2022-34000 Note that Nessus has not tested for this issue but has inste...

libjxl: Denial of Service

Background libjxl is the JPEG XL image format reference implementation. Description libjxl contains an unecessary assertion in jxl::LowMemoryRenderPipeline::Init. Impact An attacker can cause a denial of service of the libjxl process via a crafted input file. Workaround There is no known workarou...

OSV-2022-836 Heap-buffer-overflow in jxl::N_AVX2::BlendingStage::ProcessPaddingRow

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50915 Crash type: Heap-buffer-overflow READ Crash state: jxl::NAVX2::BlendingStage::ProcessPaddingRow jxl::LowMemoryRenderPipeline::RenderPadding jxl::LowMemoryRenderPipeline::ProcessBuffers...

OSV-2022-725 Heap-buffer-overflow in jxl::N_EMU128::WriteToU8Stage::ProcessRow

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50295 Crash type: Heap-buffer-overflow WRITE 1 Crash state: jxl::NEMU128::WriteToU8Stage::ProcessRow jxl::LowMemoryRenderPipeline::RenderRect jxl::LowMemoryRenderPipeline::ProcessBuffers...

OSV-2022-608 Heap-use-after-free in jxl::WriteToPixelCallbackStage::ProcessRow

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=49277 Crash type: Heap-use-after-free READ 4 Crash state: jxl::WriteToPixelCallbackStage::ProcessRow jxl::LowMemoryRenderPipeline::RenderRect jxl::LowMemoryRenderPipeline::ProcessBuffers...

OSV-2022-580 Heap-buffer-overflow in jxl::N_AVX2::BlendingStage::ProcessPaddingRow

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=49049 Crash type: Heap-buffer-overflow WRITE Crash state: jxl::NAVX2::BlendingStage::ProcessPaddingRow jxl::LowMemoryRenderPipeline::RenderPadding jxl::LowMemoryRenderPipeline::ProcessBuffers...

OSV-2022-493 Segv on unknown address in jxl::N_AVX2::XYBStage<jxl::N_AVX2::PerChannelOp<jxl::N_AVX2::Op709> >::ProcessRo

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=48132 Crash type: Segv on unknown address Crash state: jxl::NAVX2::XYBStage ::ProcessRo jxl::LowMemoryRenderPipeline::RenderRect jxl::LowMemoryRenderPipeline::ProcessBuffers...

CVE-2022-34000

libjxl 0.6.1 has an assertion failure in LowMemoryRenderPipeline::Init in renderpipeline/lowmemoryrenderpipeline.cc...

CVE-2022-34000

libjxl 0.6.1 has an assertion failure in LowMemoryRenderPipeline::Init in renderpipeline/lowmemoryrenderpipeline.cc...

CVE-2022-34000

CVE-2022-34000 affects the JPEG XL reference implementation libjxl 0.6.1, with an assertion failure in LowMemoryRenderPipeline::Init() located in render_pipeline/low_memory_render_pipeline.cc. The issue is described as a potential denial of service against the libjxl process when processing craft...

CVE-2022-34000

libjxl 0.6.1 has an assertion failure in LowMemoryRenderPipeline::Init in renderpipeline/lowmemoryrenderpipeline.cc...

CVE-2022-34000

libjxl 0.6.1 has an assertion failure in LowMemoryRenderPipeline::Init in renderpipeline/lowmemoryrenderpipeline.cc...

OSV-2022-371 Segv on unknown address in jxl::N_AVX2::WriteToU8Stage::ProcessRow

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=46963 Crash type: Segv on unknown address Crash state: jxl::NAVX2::WriteToU8Stage::ProcessRow jxl::LowMemoryRenderPipeline::RenderRect jxl::LowMemoryRenderPipeline::ProcessBuffers...

OSV-2022-367 Segv on unknown address in jxl::N_SSE4::WriteToU8Stage::ProcessRow

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=46915 Crash type: Segv on unknown address Crash state: jxl::NSSE4::WriteToU8Stage::ProcessRow jxl::LowMemoryRenderPipeline::RenderRect jxl::LowMemoryRenderPipeline::ProcessBuffers...

OSV-2022-296 Negative-size-param in jxl::N_SSE4::BlendingStage::ProcessPaddingRow

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=46243 Crash type: Negative-size-param Crash state: jxl::NSSE4::BlendingStage::ProcessPaddingRow jxl::LowMemoryRenderPipeline::RenderPadding jxl::LowMemoryRenderPipeline::ProcessBuffers...

OSV-2022-264 Heap-buffer-overflow in jxl::N_AVX2::BlendingStage::ProcessRow

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=45822 Crash type: Heap-buffer-overflow READ 4 Crash state: jxl::NAVX2::BlendingStage::ProcessRow jxl::LowMemoryRenderPipeline::RenderRect jxl::LowMemoryRenderPipeline::ProcessBuffers...