CVE-2025-70103

EUVD-2025-209978
Heap buffer overflow vulnerability in libjxl 0.12.0 via crafted PBM images to the jxl::extras::DecodeImagePNM function in file lib/extras/dec/pnm.cc.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.3 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 28%
Amazon Linux logo
Amazon Linux Releases
Amazon Package
Release
jpegxl-debuginfo
Amazon Linux 2023
1:0.10.3-56.amzn2023
fixed
jpegxl-debugsource
Amazon Linux 2023
1:0.10.3-56.amzn2023
fixed
jpegxl-doc
Amazon Linux 2023
1:0.10.3-56.amzn2023
fixed
jxl-pixbuf-loader
Amazon Linux 2023
1:0.10.3-56.amzn2023
fixed
jxl-pixbuf-loader-debuginfo
Amazon Linux 2023
1:0.10.3-56.amzn2023
fixed
libjxl
Amazon Linux 2023
1:0.10.3-56.amzn2023
fixed
libjxl-debuginfo
Amazon Linux 2023
1:0.10.3-56.amzn2023
fixed
libjxl-devel
Amazon Linux 2023
1:0.10.3-56.amzn2023
fixed
libjxl-devtools
Amazon Linux 2023
1:0.10.3-56.amzn2023
fixed
libjxl-devtools-debuginfo
Amazon Linux 2023
1:0.10.3-56.amzn2023
fixed
libjxl-utils
Amazon Linux 2023
1:0.10.3-56.amzn2023
fixed
libjxl-utils-debuginfo
Amazon Linux 2023
1:0.10.3-56.amzn2023
fixed