Unrated severityNVD Advisory· Published Jun 16, 2023· Updated Dec 17, 2024

CVE-2023-35790

Description

An issue was discovered in dec_patch_dictionary.cc in libjxl before 0.8.2. An integer underflow in patch decoding can lead to a denial of service, such as an infinite loop.

Affected products

libjxl/libjxldescription
osv-coords2 versions
pkg:rpm/opensuse/libjxl&distro=openSUSE%20Leap%2015.5 pkg:rpm/suse/libjxl&distro=SUSE%20Package%20Hub%2015%20SP5
< 0.8.2-bp155.2.3.1+ 1 more
- (no CPE)range: < 0.8.2-bp155.2.3.1
- (no CPE)range: < 0.8.2-bp155.2.3.1

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/libjxl/libjxl/pull/2551mitre
github.com/libjxl/libjxl/releases/tag/v0.8.2mitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000