Lovello

**Name of the Vulnerable Software and Affected Versions** libjxl versions prior to 0.6.0 **Description** The issue arises from invalid JPEG XL images that can cause an out of bounds access on a `std::vector<std::vector<T>>` when rendering splines using libjxl. This out of bounds read access can lead to a segfault or result in rendering splines based on other process memory. **Recommendations** For libjxl versions prior to 0.6.0, upgrade to a version past 0.6.0 to resolve the issue. As a temporary workaround, consider restricting the use of libjxl for rendering splines from untrusted sources until a patch is applied.