CVE-2021-36692
- Source
- https://cve.org/CVERecord?id=CVE-2021-36692
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-36692.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2021-36692
- Published
- 2021-08-30T21:15:09.413Z
- Modified
- 2025-11-14T12:06:47.162713Z
- Severity
-
- 6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
libjxl v0.3.7 is affected by a Divide By Zero in issue in lib/extras/codec_apng.cc jxl::DecodeImageAPNG(). When encoding a malicous APNG file using cjxl, an attacker can trigger a denial of service.
- References
Affected packages
Git / github.com/libjxl/libjxl
Affected ranges
- Type
- GIT
- Repo
- https://github.com/libjxl/libjxl
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
v0.*
v0.1
v0.1.0
v0.1.1
v0.2
v0.2.0
v0.3
v0.3.0
v0.3.1
v0.3.2
v0.3.3
v0.3.4
v0.3.5
v0.3.6
v0.3.7
Database specific
vanir_signatures
[
{
"signature_version": "v1",
"target": {
"file": "lib/extras/codec_apng.cc"
},
"deprecated": false,
"id": "CVE-2021-36692-13120598",
"source": "https://github.com/libjxl/libjxl/commit/7dfa400ded53919d986c5d3d23446a09e0cf481b",
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"218996673675454636206971500351580687935",
"289713015421704113962406939315262015326",
"151492106284367248620221020173088946544"
]
}
},
{
"signature_version": "v1",
"target": {
"function": "DecodeImageAPNG",
"file": "lib/extras/codec_apng.cc"
},
"deprecated": false,
"id": "CVE-2021-36692-77f02abb",
"source": "https://github.com/libjxl/libjxl/commit/7dfa400ded53919d986c5d3d23446a09e0cf481b",
"signature_type": "Function",
"digest": {
"function_hash": "83732117007404789023064002931192555137",
"length": 5308.0
}
}
]
source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-36692.json"