Описание
libjxl v0.3.7 is affected by a Divide By Zero in issue in lib/extras/codec_apng.cc jxl::DecodeImageAPNG(). When encoding a malicous APNG file using cjxl, an attacker can trigger a denial of service.
Ссылки
- PatchThird Party Advisory
- ExploitIssue TrackingThird Party Advisory
- PatchThird Party Advisory
- PatchThird Party Advisory
- ExploitIssue TrackingThird Party Advisory
- PatchThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:libjxl_project:libjxl:0.3.7:*:*:*:*:*:*:*
EPSS
Процентиль: 54%
0.00312
Низкий
6.5 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-369
Связанные уязвимости
CVSS3: 6.5
debian
больше 4 лет назад
libjxl v0.3.7 is affected by a Divide By Zero in issue in lib/extras/c ...
github
больше 3 лет назад
libjxl v0.3.7 is affected by a Divide By Zero in issue in lib/extras/codec_apng.cc jxl::DecodeImageAPNG(). When encoding a malicous APNG file using cjxl, an attacker can trigger a denial of service.
EPSS
Процентиль: 54%
0.00312
Низкий
6.5 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-369