CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-11498

There exists a stack buffer overflow in libjxl. A specifically-crafted file can cause the JPEG XL decoder to use large amounts of stack space (up to 256mb is possible, maybe 512mb), potentially exhausting the stack. An attacker can craft a file that will cause excessive memory usage. We recommend upgrading past commit 65fbec56bc578b6b6ee02a527be70787bbd053b0.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 30.0%

CVSS Severity

CVSS v3 Score 7.5

References

https://github.com/libjxl/libjxl/pull/3943

Products affected by CVE-2024-11498

Libjxl Project » Libjxl » Version: N/A

cpe:2.3:a:libjxl_project:libjxl:-
Libjxl Project » Libjxl » Version: 0.1

cpe:2.3:a:libjxl_project:libjxl:0.1
Libjxl Project » Libjxl » Version: 0.1.1

cpe:2.3:a:libjxl_project:libjxl:0.1.1
Libjxl Project » Libjxl » Version: 0.2

cpe:2.3:a:libjxl_project:libjxl:0.2
Libjxl Project » Libjxl » Version: 0.3

cpe:2.3:a:libjxl_project:libjxl:0.3
Libjxl Project » Libjxl » Version: 0.3.1

cpe:2.3:a:libjxl_project:libjxl:0.3.1
Libjxl Project » Libjxl » Version: 0.3.2

cpe:2.3:a:libjxl_project:libjxl:0.3.2
Libjxl Project » Libjxl » Version: 0.3.3

cpe:2.3:a:libjxl_project:libjxl:0.3.3
Libjxl Project » Libjxl » Version: 0.3.4

cpe:2.3:a:libjxl_project:libjxl:0.3.4
Libjxl Project » Libjxl » Version: 0.3.5

cpe:2.3:a:libjxl_project:libjxl:0.3.5
Libjxl Project » Libjxl » Version: 0.3.6

cpe:2.3:a:libjxl_project:libjxl:0.3.6
Libjxl Project » Libjxl » Version: 0.3.7

cpe:2.3:a:libjxl_project:libjxl:0.3.7
Libjxl Project » Libjxl » Version: 0.5

cpe:2.3:a:libjxl_project:libjxl:0.5
Libjxl Project » Libjxl » Version: 0.6

cpe:2.3:a:libjxl_project:libjxl:0.6
Libjxl Project » Libjxl » Version: 0.6.0

cpe:2.3:a:libjxl_project:libjxl:0.6.0
Libjxl Project » Libjxl » Version: 0.6.1

cpe:2.3:a:libjxl_project:libjxl:0.6.1
Libjxl Project » Libjxl » Version: 0.7.0

cpe:2.3:a:libjxl_project:libjxl:0.7.0
Libjxl Project » Libjxl » Version: 0.8.0

cpe:2.3:a:libjxl_project:libjxl:0.8.0
Libjxl Project » Libjxl » Version: 0.8.1

cpe:2.3:a:libjxl_project:libjxl:0.8.1
Libjxl Project » Libjxl » Version: 0.8.2

cpe:2.3:a:libjxl_project:libjxl:0.8.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-11498

Products

Pricing

Contact Us