GHSA-66m8-c62j-h6v5
jxl-oxide: `FrameBuffer::new` creates out-of-bounds slices on overflow
Details
### Summary
`jxl-oxide` exposes a public safe API that can construct an undersized `FrameBuffer` because of unchecked `usize` multiplication; this immediately triggers a panic while the buffer is initialized in the normal decoding path.
Additionally, calling the safe grouped buffer accessors afterward can create invalid oversized slices from a much smaller allocation, causing undefined behavior; however, the normal decoding path never reaches this UB, because these methods are never used within `jxl-oxide`.
### Impact
On 32-bit platforms this can cause a panic by accessing out-of-range indices, making it a DoS vulnerability.
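The overflow pattern described in the summary, as an added illustration that is not jxl-oxide's own code: a simplified `FrameBuffer` model whose constructor multiplies the dimensions with wrapping arithmetic (standing in for the unchecked `usize` multiplication on a 32-bit target), beside a hardened constructor that uses `checked_mul` and a row accessor that refuses to slice past the allocation. The struct layout, method names, the `u32` length type and the sample dimensions are all assumptions of the example.

```rust
// Added example modelling the advisory's pattern; not jxl-oxide's code.
// `Len` stands in for the platform `usize`; u32 is used so the overflow a
// 32-bit build would hit is reproducible on any host.
type Len = u32;

#[derive(Debug, PartialEq)]
pub enum FrameBufferError {
    DimensionOverflow { width: Len, height: Len, channels: Len },
}

pub struct FrameBuffer {
    width: Len,
    height: Len,
    channels: Len,
    buf: Vec<f32>,
}

impl FrameBuffer {
    /// Vulnerable form: wrapping multiplication silently yields a too-small
    /// length, so `buf` is allocated far smaller than width*height*channels.
    pub fn new_unchecked(width: Len, height: Len, channels: Len) -> FrameBuffer {
        let len = width.wrapping_mul(height).wrapping_mul(channels);
        FrameBuffer { width, height, channels, buf: vec![0.0; len as usize] }
    }

    /// Hardened form: `checked_mul` turns the overflow into an error instead
    /// of an undersized allocation, so no later index can run past `buf`.
    pub fn new(width: Len, height: Len, channels: Len) -> Result<FrameBuffer, FrameBufferError> {
        let len = width
            .checked_mul(height)
            .and_then(|v| v.checked_mul(channels))
            .ok_or(FrameBufferError::DimensionOverflow { width, height, channels })?;
        Ok(FrameBuffer { width, height, channels, buf: vec![0.0; len as usize] })
    }

    /// Length the dimensions imply, in wide arithmetic, for comparison with `buf`.
    pub fn expected_len(&self) -> u64 {
        self.width as u64 * self.height as u64 * self.channels as u64
    }

    pub fn buf_len(&self) -> usize { self.buf.len() }

    /// Bounds-checked row accessor: returns None rather than slicing past `buf`.
    pub fn row(&self, y: Len) -> Option<&[f32]> {
        let stride = (self.width as usize).checked_mul(self.channels as usize)?;
        let start = (y as usize).checked_mul(stride)?;
        let end = start.checked_add(stride)?;
        self.buf.get(start..end)
    }
}
```

With 65536 x 65536 x 1 the wrapping product is 0, so `new_unchecked` allocates an empty buffer while `expected_len` reports 2^32; `new` rejects the same dimensions with `DimensionOverflow`.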
Affected packages
jxl-oxide (crates.io), fixed in 0.12.6. Upgrade jxl-oxide to 0.12.6 or newer.