Lucene search
Alpine Linux Development TeamALPINE:CVE-2023-49463HistoryDec 07, 2023 - 8:15 p.m.
CVE-2023-49463
2023-12-0720:15:38
Alpine Linux Development Team
security.alpinelinux.org
3
libheif
segmentation violation
find_exif_tag
v1.17.5
unix
cve-2023-49463
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
0.001 Low
EPSS
Percentile
40.1%
libheif v1.17.5 was discovered to contain a segmentation violation via the function find_exif_tag at /libheif/exif.cc.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Alpine | edge-community | noarch | libheif | < 1.17.6-r0 | UNKNOWN |
| Alpine | 3.19-community | noarch | libheif | < 1.17.6-r0 | UNKNOWN |
| Alpine | 3.20-community | noarch | libheif | < 1.17.6-r0 | UNKNOWN |
Related
cvelist
cvelist
CVE-2023-49463
2023-12-07 00:00:00
nvd
nvd
CVE-2023-49463
2023-12-07 20:15:38
cve
cve
CVE-2023-49463
2023-12-07 20:15:38
debiancve
debiancve
CVE-2023-49463
2023-12-07 20:15:38
prion
prion
Code injection
2023-12-07 20:15:00
ubuntucve
ubuntucve
CVE-2023-49463
2023-12-07 00:00:00
veracode
veracode
Denial Of Service
2023-12-08 10:49:07
redos
redos
ROS-20240408-01
2024-04-08 00:00:00
nessus
nessus
Fedora 40 : libheif (2023-692921aeb2)
2024-04-29 00:00:00
openvas
openvas
Mageia: Security Advisory (MGASA-2024-0243)
2024-06-28 00:00:00
Ubuntu: Security Advisory (USN-6847-1)
2024-06-26 00:00:00
mageia
mageia
Updated libheif packages fix security vulnerabilities
2024-06-28 05:41:31
osv
osv
libheif vulnerabilities
2024-06-25 16:50:16
ubuntu
ubuntu
libheif vulnerabilities
2024-06-25 00:00:00
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
0.001 Low
EPSS
Percentile
40.1%
Related for ALPINE:CVE-2023-49463