{"id":"JLSEC-2026-493","summary":"JXL in GraphicsMagick before 1.3.46 lacks image dimension resource limits.","details":"ReadJXLImage in JXL in GraphicsMagick before 1.3.46 lacks image dimension resource limits.","modified":"2026-05-13T02:02:51.925997022Z","published":"2026-05-13T01:42:44.063Z","upstream":["CVE-2025-27795","EUVD-2025-6240","GHSA-69r2-5wxm-3hf6"],"database_specific":{"sources":[{"database_specific":{"status":"Analyzed"},"id":"CVE-2025-27795","published":"2025-03-07T06:15:33.273Z","modified":"2026-01-29T21:08:32.087Z","imported":"2026-05-13T00:52:49.594Z","url":"https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2025-27795","html_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-27795"},{"id":"GHSA-69r2-5wxm-3hf6","published":"2025-03-07T06:30:33Z","modified":"2025-03-07T18:32:10Z","imported":"2026-05-13T00:52:55.007Z","url":"https://api.github.com/advisories/GHSA-69r2-5wxm-3hf6","html_url":"https://github.com/advisories/GHSA-69r2-5wxm-3hf6"},{"id":"EUVD-2025-6240","published":"2025-03-07T00:00:00Z","modified":"2025-03-07T19:37:31Z","imported":"2026-05-13T00:52:53.499Z","url":"https://euvdservices.enisa.europa.eu/api/enisaid?id=EUVD-2025-6240","html_url":"https://euvd.enisa.europa.eu/vulnerability/EUVD-2025-6240"}],"license":"CC-BY-4.0"},"references":[{"type":"WEB","url":"http://www.graphicsmagick.org/NEWS.html"},{"type":"WEB","url":"https://foss.heptapod.net/graphicsmagick/graphicsmagick/-/commit/9bbae7314e3c3b19b830591010ed90bb136b9c42"},{"type":"WEB","url":"https://github.com/advisories/GHSA-69r2-5wxm-3hf6"},{"type":"WEB","url":"https://github.com/libjxl/libjxl/issues/3792#issuecomment-2330978387"},{"type":"WEB","url":"https://github.com/libjxl/libjxl/issues/3793#issuecomment-2334843280"},{"type":"WEB","url":"https://issues.oss-fuzz.com/issues/42536330#comment6"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-27795"}],"affected":[{"package":{"name":"GraphicsMagick_jll","ecosystem":"Julia","purl":"pkg:julia/GraphicsMagick_jll?uuid=aa65733b-c888-5e24-8545-c87abc10c960"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"},{"fixed":"1.3.47+0"}]}],"database_specific":{"source":"https://github.com/JuliaLang/SecurityAdvisories.jl/tree/generated/osv/2026/JLSEC-2026-493.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L"}]}