{"id":"CVE-2021-22563","details":"Invalid JPEG XL images using libjxl can cause an out of bounds access on a std::vector\u003cstd::vector\u003cT\u003e\u003e when rendering splines. The OOB read access can either lead to a segfault, or rendering splines based on other process memory. It is recommended to upgrade past 0.6.0 or patch with https://github.com/libjxl/libjxl/pull/757","modified":"2026-03-14T08:23:47.690377Z","published":"2021-11-01T13:15:07.657Z","references":[{"type":"FIX","url":"https://github.com/libjxl/libjxl/issues/735"},{"type":"FIX","url":"https://github.com/libjxl/libjxl/pull/757"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/libjxl/libjxl","events":[{"introduced":"0"},{"fixed":"25ef9145273eb5fe3db04e196327c77e404308d8"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"0.6.0"}]}}],"versions":["v0.1","v0.1.0","v0.1.1","v0.2","v0.2.0","v0.3","v0.3.0","v0.3.1","v0.3.2","v0.3.3","v0.3.4","v0.3.5","v0.3.6","v0.3.7","v0.5-base","v0.6-base"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-22563.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L"}]}