PT-2023-16422 · Libjxl+5
Published: 2023-02-04 · Updated: 2025-08-07 · CVE-2023-0645
CVSS v2.0: 9.4 (Critical)
Vector: AV:N/AC:L/Au:N/C:C/I:N/A:C
Name of the Vulnerable Software and Affected Versions
libjxl versions prior to 0.8.1
Description
An out-of-bounds read exists in libjxl. An attacker using a specially crafted file could cause an out-of-bounds read in the Exif handler.
Recommendations
For versions prior to 0.8.1, we recommend upgrading to version 0.8.1 or applying the changes from commit https://github.com/libjxl/libjxl/pull/2101/commits/d95b050c1822a5b1ede9e0dc937e43fca1b10159 to fix the issue. As a temporary workaround, consider restricting the use of specially crafted files that could cause an out-of-bounds read in the Exif handler until the fix is applied.
Fix
Out of bounds Read
Weakness Enumeration
Related Identifiers
Affected Products
Alt Linux
Debian
Linuxmint
Red Os
Ubuntu
Libjxl