Description
Invalid JPEG XL images using libjxl can cause an out of bounds access on a std::vector<std::vector<T>> when rendering splines. The OOB read access can either lead to a segfault, or rendering splines based on other process memory. It is recommended to upgrade past 0.6.0 or patch with https://github.com/libjxl/libjxl/pull/757
References (2)
Core 2
Core References
Exploit, Issue Tracking, Patch, Third Party Advisory x_refsource_misc
https://github.com/libjxl/libjxl/issues/735
Patch, Third Party Advisory x_refsource_misc
https://github.com/libjxl/libjxl/pull/757
Scores
CVSS v3
4.5
EPSS
0.0004
EPSS Percentile
13.7%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
Details
CWE
CWE-125
CWE-126
Status
published
Products (1)
libjxl_project/libjxl
< 0.6.0
Published
Nov 01, 2021
Tracked Since
Feb 18, 2026