Libjxl_project Libjxl

13 CVEs affecting Libjxl_project Libjxl. Latest disclosed: 2026-02-11. Critical: 2, High: 4.

Top CVEs affecting Libjxl_project Libjxl
CVESeverityScorePublishedSummary
CVE-2024-11403Critical9.82024-11-25There exists an out of bounds read/write in LibJXL versions prior to commit 9cc451b91b74ba470fd72bd48c121e9f33d24c99. The JPEG decoder used by the JPEG XL enco…
CVE-2021-27804Critical9.82021-03-02JPEG XL (aka jpeg-xl) through 0.3.2 allows writable memory corruption.
CVE-2026-1837High7.52026-02-11A specially-crafted file can cause libjxl's decoder to write pixel data to uninitialized unallocated memory. Soon after that data from another uninitialized un…
CVE-2024-11498High7.52024-11-25There exists a stack buffer overflow in libjxl. A specifically-crafted file can cause the JPEG XL decoder to use large amounts of stack space (up to 256mb is p…
CVE-2023-35790High7.52023-06-16An issue was discovered in dec_patch_dictionary.cc in libjxl before 0.8.2. An integer underflow in patch decoding can lead to a denial of service, such as an i…
CVE-2021-36691High7.52021-08-30libjxl v0.5.0 is affected by a Assertion failed issue in lib/jxl/image.cc jxl::PlaneBase::PlaneBase(). When encoding a malicous GIF file using cjxl, an attacke…
CVE-2022-34000Medium6.52022-06-19libjxl 0.6.1 has an assertion failure in LowMemoryRenderPipeline::Init() in render_pipeline/low_memory_render_pipeline.cc.
CVE-2021-36692Medium6.52021-08-30libjxl v0.3.7 is affected by a Divide By Zero in issue in lib/extras/codec_apng.cc jxl::DecodeImageAPNG(). When encoding a malicous APNG file using cjxl, an at…
CVE-2021-45928Medium5.52022-01-01libjxl b02d6b9, as used in libvips 8.11 through 8.11.2 and other products, has an out-of-bounds write in jxl::ModularFrameDecoder::DecodeGroup (called from jxl…
CVE-2023-0645Medium5.32023-04-11An out of bounds read exists in libjxl. An attacker using a specifically crafted file could cause an out of bounds read in the exif handler. We recommend upgra…
CVE-2021-22564Medium4.52021-11-01For certain valid JPEG XL images with a size slightly larger than an integer number of groups (256x256 pixels) when processing the groups out of order the deco…
CVE-2021-22563Medium4.52021-11-01Invalid JPEG XL images using libjxl can cause an out of bounds access on a std::vector<std::vector<T>> when rendering splines. The OOB read access can either l…
CVE-2025-12474Medium4.42026-02-11A specially-crafted file can cause libjxl's decoder to read pixel data from uninitialized (but allocated) memory. This can be done by causing the decoder to r…