libheif is an ISO/IEC 23008-12:2017 HEIF file format decoder and encoder. libheif version 1.6.2 contains a buffer overflow vulnerability in the convert_colorspace function in heif_colorconversion.cc. An attacker can exploit this vulnerability to cause a denial of service and disclose sensitive information via specially crafted HEIF files.