JPEG XL (aka jpeg-xl) through 0.3.2 allows writable memory corruption.
References
Link | Resource |
---|---|
http://packetstormsecurity.com/files/161623/jpeg-xl-0.3.1-Memory-Corruption.html | Third Party Advisory |
http://seclists.org/fulldisclosure/2021/Mar/2 | Third Party Advisory |
http://www.openwall.com/lists/oss-security/2021/03/01/3 | Mailing List Third Party Advisory |
https://gitlab.com/wg1/jpeg-xl/-/tags | Third Party Advisory |
Configurations
History
21 Jun 2021, 13:41
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:libjxl_project:libjxl:*:*:*:*:*:*:*:* |
05 Mar 2021, 20:58
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 7.5
v3 : 9.8 |
CWE | CWE-787 | |
CPE | cpe:2.3:a:jpeg:jpeg_xl:*:*:*:*:*:*:*:* | |
References | (MISC) http://packetstormsecurity.com/files/161623/jpeg-xl-0.3.1-Memory-Corruption.html - Third Party Advisory | |
References | (MISC) https://gitlab.com/wg1/jpeg-xl/-/tags - Third Party Advisory | |
References | (MISC) http://www.openwall.com/lists/oss-security/2021/03/01/3 - Mailing List, Third Party Advisory | |
References | (FULLDISC) http://seclists.org/fulldisclosure/2021/Mar/2 - Third Party Advisory |
03 Mar 2021, 18:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
02 Mar 2021, 19:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
02 Mar 2021, 01:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-03-02 01:15
Updated : 2023-12-10 13:41
NVD link : CVE-2021-27804
Mitre link : CVE-2021-27804
CVE.ORG link : CVE-2021-27804
JSON object : View
Products Affected
libjxl_project
- libjxl
CWE
CWE-787
Out-of-bounds Write