6 matches found
CVE-2021-45928
libjxl b02d6b9, as used in libvips 8.11 through 8.11.2 and other products, has an out-of-bounds write in jxl::ModularFrameDecoder::DecodeGroup called from jxl::FrameDecoder::ProcessACGroup and jxl::ThreadPool::RunCallStatejxl::FrameDecoder::ProcessSections...
Out-of-bounds
libjxl b02d6b9, as used in libvips 8.11 through 8.11.2 and other products, has an out-of-bounds write in jxl::ModularFrameDecoder::DecodeGroup called from jxl::FrameDecoder::ProcessACGroup and jxl::ThreadPool::RunCallStatejxl::FrameDecoder::ProcessSections...
CVE-2021-45928
libjxl b02d6b9, as used in libvips 8.11 through 8.11.2 and other products, has an out-of-bounds write in jxl::ModularFrameDecoder::DecodeGroup called from jxl::FrameDecoder::ProcessACGroup and jxl::ThreadPool::RunCallStatejxl::FrameDecoder::ProcessSections...
OSV-2021-1644 Container-overflow in void jxl::CopyImageTo<int>
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=41608 Crash type: Container-overflow READ 4 Crash state: void jxl::CopyImageTo jxl::ModularFrameDecoder::DecodeGroup jxl::FrameDecoder::ProcessACGroup...
OSV-2021-1615 Heap-buffer-overflow in jxl::ModularFrameDecoder::DecodeGroup
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=41283 Crash type: Heap-buffer-overflow READ Crash state: jxl::ModularFrameDecoder::DecodeGroup jxl::FrameDecoder::ProcessACGroup jxl::ThreadPool::RunCallStatejxl::FrameDecoder::ProcessSections...
OSV-2021-1597 UNKNOWN READ in void jxl::CopyImageTo<int>
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=41217 Crash type: UNKNOWN READ Crash state: void jxl::CopyImageTo jxl::ModularFrameDecoder::DecodeGroup jxl::FrameDecoder::ProcessACGroup...