Libjxl Project: >> Libjxl >> 0.8.4 Security Vulnerabilities
A specially-crafted file can cause libjxl's decoder to read pixel data from uninitialized (but allocated) memory.
This can be done by causing the decoder to reference an outside-image-bound area in a subsequent patches. An incorrect optimization causes the decoder to omit populating those areas.
CVSS Score
2.3
EPSS Score
0.0
Published
2026-02-11