rpm package
opensuse/libjxl&distro=openSUSE Leap 15.5
pkg:rpm/opensuse/libjxl&distro=openSUSE%20Leap%2015.5
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-11498 | — | < 0.8.2-bp155.2.6.1 | 0.8.2-bp155.2.6.1 | Nov 25, 2024 | There exists a stack buffer overflow in libjxl. A specifically-crafted file can cause the JPEG XL decoder to use large amounts of stack space (up to 256mb is possible, maybe 512mb), potentially exhausting the stack. An attacker can craft a file that will cause excessive memory us | ||
| CVE-2023-35790 | — | < 0.8.2-bp155.2.3.1 | 0.8.2-bp155.2.3.1 | Jun 16, 2023 | An issue was discovered in dec_patch_dictionary.cc in libjxl before 0.8.2. An integer underflow in patch decoding can lead to a denial of service, such as an infinite loop. |
- CVE-2024-11498Nov 25, 2024affected < 0.8.2-bp155.2.6.1fixed 0.8.2-bp155.2.6.1
There exists a stack buffer overflow in libjxl. A specifically-crafted file can cause the JPEG XL decoder to use large amounts of stack space (up to 256mb is possible, maybe 512mb), potentially exhausting the stack. An attacker can craft a file that will cause excessive memory us
- CVE-2023-35790Jun 16, 2023affected < 0.8.2-bp155.2.3.1fixed 0.8.2-bp155.2.3.1
An issue was discovered in dec_patch_dictionary.cc in libjxl before 0.8.2. An integer underflow in patch decoding can lead to a denial of service, such as an infinite loop.