UBUNTU-CVE-2026-41069

libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and prior, a malformed HEIF sequence file can trigger an out-of-bounds read in core sequence parsing logic, causing DoS. A malformed file can have stco.entrycount == 0 creating no chunks while still passing validation...

DEBIAN-CVE-2026-32738

libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and below, a crafted 792-byte HEIF sequence file with samplesperchunk=0 in the stsc box causes an unsigned integer underflow in the Chunk constructor mlastsample = 0 + 0 - 1 = UINT32MAX, mapping all samples to an empty...

tifig 缓冲区错误漏洞

tifig is a Monostream open source fast HEIF image converter for thumbnails. A security vulnerability exists in tifig version v0.2.2, which stems from a heap buffer overflow in its /asan/asaninterceptorsmemintrinsics.cpp component in asanmemmove...

DEBIAN-CVE-2020-23109

Buffer overflow vulnerability in function convertcolorspace in heifcolorconversion.cc in libheif v1.6.2, allows attackers to cause a denial of service and disclose sensitive information, via a crafted HEIF file...

PT-2020-3001 · Microsoft · Windows Codecs Library

Name of the Vulnerable Software and Affected Versions: Microsoft Windows Codecs Library affected versions not specified Description: A remote code execution issue exists due to errors in handling objects in memory. This can be exploited by an attacker to execute arbitrary code using a specially...