CVE-2021-28026
Published
CVSS v3
7.8
HIGH
CVSS v2
6.8
MEDIUM
Affected
1
PROJECT
Description
jpeg-xl v0.3.2 is affected by a heap buffer overflow in /lib/jxl/coeff_order.cc ReadPermutation. When decoding a malicous jxl file using djxl, an attacker can trigger arbitrary code execution or a denial of service.
JPEG XL image format reference implementation.
Mirror from https://github.com/libjxl/libjxl, info on latest releases there!
GitLab