Unrated severityNVD Advisory· Published Dec 31, 2021· Updated Aug 4, 2024
CVE-2021-45928
CVE-2021-45928
Description
libjxl b02d6b9, as used in libvips 8.11 through 8.11.2 and other products, has an out-of-bounds write in jxl::ModularFrameDecoder::DecodeGroup (called from jxl::FrameDecoder::ProcessACGroup and jxl::ThreadPool::RunCallState<jxl::FrameDecoder::ProcessSections).
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- libvips/libjxldescription
- Range: >= 0.5, < 0.6
Patches
Vulnerability mechanics
References
5- bugs.chromium.org/p/oss-fuzz/issues/detailmitrex_refsource_MISC
- github.com/google/oss-fuzz-vulns/blob/main/vulns/libvips/OSV-2021-1055.yamlmitrex_refsource_MISC
- github.com/libjxl/libjxl/compare/v0.5...v0.6mitrex_refsource_MISC
- github.com/libjxl/libjxl/issues/360mitrex_refsource_MISC
- github.com/libjxl/libjxl/pull/365mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.