Security Advisory

CVE-2025-12474

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-02-11 15:27:24

Last updated 2026-02-11 21:41:40

Assigner Google

State PUBLISHED

Description

A specially-crafted file can cause libjxls decoder to read pixel data from uninitialized (but allocated) memory. This can be done by causing the decoder to reference an outside-image-bound area in a subsequent patches. An incorrect optimization causes the decoder to omit populating those areas.

← Browse all CVEs View on cve.org ↗