Vulnerabilities > Libjxl Project

DATE CVE VULNERABILITY TITLE RISK
2023-06-16 CVE-2023-35790 Integer Underflow (Wrap or Wraparound) vulnerability in Libjxl Project Libjxl
An issue was discovered in dec_patch_dictionary.cc in libjxl before 0.8.2.
network
low complexity
libjxl-project CWE-191
7.5
2022-06-19 CVE-2022-34000 Reachable Assertion vulnerability in Libjxl Project Libjxl 0.6.1
libjxl 0.6.1 has an assertion failure in LowMemoryRenderPipeline::Init() in render_pipeline/low_memory_render_pipeline.cc.
network
low complexity
libjxl-project CWE-617
6.5
2022-01-01 CVE-2021-45928 Out-of-bounds Write vulnerability in Libjxl Project Libjxl
libjxl b02d6b9, as used in libvips 8.11 through 8.11.2 and other products, has an out-of-bounds write in jxl::ModularFrameDecoder::DecodeGroup (called from jxl::FrameDecoder::ProcessACGroup and jxl::ThreadPool::RunCallState<jxl::FrameDecoder::ProcessSections).
local
low complexity
libjxl-project CWE-787
2.1
2021-11-01 CVE-2021-22563 Out-of-bounds Read vulnerability in Libjxl Project Libjxl
Invalid JPEG XL images using libjxl can cause an out of bounds access on a std::vector<std::vector<T>> when rendering splines.
local
low complexity
libjxl-project CWE-125
3.6
2021-11-01 CVE-2021-22564 Out-of-bounds Write vulnerability in Libjxl Project Libjxl
For certain valid JPEG XL images with a size slightly larger than an integer number of groups (256x256 pixels) when processing the groups out of order the decoder can perform an out of bounds copy of image pixels from an image buffer in the heap to another.
local
low complexity
libjxl-project CWE-787
2.1
2021-08-30 CVE-2021-36692 Divide By Zero vulnerability in Libjxl Project Libjxl 0.3.7
libjxl v0.3.7 is affected by a Divide By Zero in issue in lib/extras/codec_apng.cc jxl::DecodeImageAPNG().
4.3
2021-08-30 CVE-2021-36691 Reachable Assertion vulnerability in Libjxl Project Libjxl 0.5.0
libjxl v0.5.0 is affected by a Assertion failed issue in lib/jxl/image.cc jxl::PlaneBase::PlaneBase().
network
low complexity
libjxl-project CWE-617
5.0
2021-03-02 CVE-2021-27804 Out-of-bounds Write vulnerability in Libjxl Project Libjxl
JPEG XL (aka jpeg-xl) through 0.3.2 allows writable memory corruption.
network
low complexity
libjxl-project CWE-787
7.5