Lucene search
K

6 matches found

CVE
CVE
added 2026/06/09 7:57 p.m.83 views

CVE-2025-71319

CVE-2025-71319 affects image-size versions 1.1.0 before 1.2.1 and 2.0.0 before 2.0.2. The vulnerability resides in the findBox function, triggered when processing crafted images with zero-sized boxes (JXL, HEIF, or JP2), causing an infinite loop and denial of service. The issue could lead to appl...

8.7CVSS5.8AI score0.00625EPSS
Exploits1References7Affected Software1
SUSE CVE
SUSE CVE
added 2026/03/05 6:50 a.m.6 views

SUSE CVE-2026-28231

pillowheif is a Python library for working with HEIF images and plugin for Pillow. Prior to version 1.3.0, an integer overflow in the encode path buffer validation of pillowheif.c allows an attacker to bypass bounds checks by providing large image dimensions, resulting in a heap out-of-bounds rea...

9.1CVSS6AI score0.00632EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/02/27 12:0 a.m.6 views

PT-2026-22391

Name of the Vulnerable Software and Affected Versions pillow heif versions prior to 1.3.0 Description An integer overflow in the encode path buffer validation within pillow heif.c allows an attacker to bypass bounds checks by providing large image dimensions. This can lead to a heap out-of-bounds...

6.9CVSS6.1AI score0.00632EPSS
Exploits1References7
EUVD
EUVD
added 2025/10/03 8:7 p.m.2 views

EUVD-2023-1439

Malicious code in bioql PyPI...

6.5CVSS7.4AI score0.00927EPSS
Exploits1References12
AstraLinux
AstraLinux
added 2024/11/23 3:4 a.m.5 views

Astra Linux – Vulnerability in libheif

A segmentation fault caused by a floating-point exception exists in libheif 1.15.1 when using crafted heif images through the heif::Fraction::round function in box.cc, which results in a denial of service...

6.5CVSS6.8AI score0.00927EPSS
Exploits1References3
Veracode
Veracode
added 2023/05/09 2:40 a.m.21 views

Denial Of Services (DoS)

libheif.so is vulnerable to Denial Of Services DoS. The vulnerability exists due to the segmentation fault in the Fraction function of box.cc, allowing an attacker to cause an application crash through the floating point exception by providing maliciously crafted heif images...

6.5CVSS6.1AI score0.00927EPSS
Exploits1References7Affected Software1
Rows per page
Query Builder