CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-35790
https://notcve.org/view.php?id=CVE-2023-35790
An issue was discovered in dec_patch_dictionary.cc in libjxl before 0.8.2. An integer underflow in patch decoding can lead to a denial of service, such as an infinite loop. • https://github.com/libjxl/libjxl/pull/2551 https://github.com/libjxl/libjxl/releases/tag/v0.8.2 • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2023-0645 – Out of Bounds read in libjxl
https://notcve.org/view.php?id=CVE-2023-0645
An out of bounds read exists in libjxl. An attacker using a specifically crafted file could cause an out of bounds read in the exif handler. We recommend upgrading to version 0.8.1 or past commit https://github.com/libjxl/libjxl/pull/2101/commits/d95b050c1822a5b1ede9e0dc937e43fca1b10159 https://github.com/libjxl/libjxl/pull/2101/commits/d95b050c1822a5b1ede9e0dc937e43fca1b10159 • https://github.com/libjxl/libjxl/pull/2101 https://github.com/libjxl/libjxl/pull/2101/commits/d95b050c1822a5b1ede9e0dc937e43fca1b10159 • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2022-34000
https://notcve.org/view.php?id=CVE-2022-34000
libjxl 0.6.1 has an assertion failure in LowMemoryRenderPipeline::Init() in render_pipeline/low_memory_render_pipeline.cc. libjxl 0.6.1, presenta un fallo de aserción en la función LowMemoryRenderPipeline::Init() en el archivo render_pipeline/low_memory_render_pipeline.cc • https://github.com/libjxl/libjxl/issues/1477 https://security.gentoo.org/glsa/202210-36 • CWE-617: Reachable Assertion •