An out of bounds read exists in libjxl. An attacker using a specifically crafted file could cause an out of bounds read in the exif handler. We recommend upgrading to version 0.8.1 or past commit https://github.com/libjxl/libjxl/pull/2101/commits/d95b050c1822a5b1ede9e0dc937e43fca1b10159 https://github.com/libjxl/libjxl/pull/2101/commits/d95b050c1822a5b1ede9e0dc937e43fca1b10159
{ "binaries": [ { "binary_version": "0.7.0-10.2ubuntu6.1", "binary_name": "jpeg-xl-doc" }, { "binary_version": "0.7.0-10.2ubuntu6.1", "binary_name": "libjpegxl-java" }, { "binary_version": "0.7.0-10.2ubuntu6.1", "binary_name": "libjpegxl-java-dbgsym" }, { "binary_version": "0.7.0-10.2ubuntu6.1", "binary_name": "libjxl-dev" }, { "binary_version": "0.7.0-10.2ubuntu6.1", "binary_name": "libjxl-devtools" }, { "binary_version": "0.7.0-10.2ubuntu6.1", "binary_name": "libjxl-devtools-dbgsym" }, { "binary_version": "0.7.0-10.2ubuntu6.1", "binary_name": "libjxl-tools" }, { "binary_version": "0.7.0-10.2ubuntu6.1", "binary_name": "libjxl-tools-dbgsym" }, { "binary_version": "0.7.0-10.2ubuntu6.1", "binary_name": "libjxl0.7" }, { "binary_version": "0.7.0-10.2ubuntu6.1", "binary_name": "libjxl0.7-dbgsym" } ], "availability": "No subscription required" }