VYPR

jpeg-xl

by jpeg-xl

CVEs (2)

  • CVE-2021-27804CriMar 2, 2021
    risk 0.64cvss 9.8epss 0.04

    JPEG XL (aka jpeg-xl) through 0.3.2 allows writable memory corruption.

  • CVE-2021-28026HigMar 5, 2021
    risk 0.51cvss 7.8epss 0.01

    jpeg-xl v0.3.2 is affected by a heap buffer overflow in /lib/jxl/coeff_order.cc ReadPermutation. When decoding a malicous jxl file using djxl, an attacker can trigger arbitrary code execution or a denial of service.