CVE-2023-0645

Name
CVE-2023-0645
Description
An out of bounds read exists in libjxl. An attacker using a specifically crafted file could cause an out of bounds read in the exif handler. We recommend upgrading to version 0.8.1 or past commit  https://github.com/libjxl/libjxl/pull/2101/commits/d95b050c1822a5b1ede9e0dc937e43fca1b10159 https://github.com/libjxl/libjxl/pull/2101/commits/d95b050c1822a5b1ede9e0dc937e43fca1b10159
NVD Severity
high
Other trackers
Mailing lists
Exploits
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
MISC https://github.com/libjxl/libjxl/pull/2101/commits/d95b050c1822a5b1ede9e0dc937e43fca1b10159
MISC https://github.com/libjxl/libjxl/pull/2101

Match rules

CPE URI Source package Min version Max version
cpe:2.3:a:libjxl_project:libjxl:*:*:*:*:*:*:*:* libjxl >= None < 0.8.1

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
libjxl 3.17-community 0.7.0-r0 Alex Xu (Hello71) <alex_y_xu@yahoo.ca> possibly vulnerable