12 matches found
SUSE CVE-2026-28231
pillow_heif is a Python library for working with HEIF images and plugin for Pillow. Prior to version 1.3.0, an integer overflow in the encode path buffer validation of _pillow_heif.c allows an attacker to bypass bounds checks by providing large image dimensions, resulting in a heap out-of-bounds rea...
OPENSUSE-SU-2026:10285-1 python311-pillow-heif-1.3.0-1.1 on GA media
These are all security issues fixed in the python311-pillow-heif-1.3.0-1.1 package on the GA media of openSUSE Tumbleweed...
CVE-2026-28231
pillow_heif is a Python library for working with HEIF images and plugin for Pillow. Prior to version 1.3.0, an integer overflow in the encode path buffer validation of _pillow_heif.c allows an attacker to bypass bounds checks by providing large image dimensions, resulting in a heap out-of-bounds rea...
indexdoc-converter (>=0.2.4 <=0.2.7), pdd-cli (>=0.0.70 <=0.0.250) +1 more potentially affected by CVE-2026-28231 via pillow-heif (>=1.1.1 <=1.2.0)
pillow-heif PYPI version =1.1.1, =0.2.4, =0.0.70, =0.4.0, =0.13.1 Source cves: CVE-2026-28231 Source advisory: SNYK:PYTHON-PILLOWHEIF-15426536...
Out-of-bounds Read
Overview: pillow-heif is a Python interface for libheif library. Affected versions of this package are vulnerable to Out-of-bounds Read via the CtxWriteImageaddplane function. An attacker can cause information disclosure or process crashes by supplying large image dimensions that bypass buffer boun...
CVE-2026-28231
pillow_heif is a Python library for working with HEIF images and plugin for Pillow. Prior to version 1.3.0, an integer overflow in the encode path buffer validation of _pillow_heif.c allows an attacker to bypass bounds checks by providing large image dimensions, resulting in a heap out-of-bounds rea...
CVE-2026-28231 pillow_heif Has Integer Overflow in Encode Path Buffer Validation that Leads to Heap Out-of-Bounds Read
pillow_heif is a Python library for working with HEIF images and plugin for Pillow. Prior to version 1.3.0, an integer overflow in the encode path buffer validation of _pillow_heif.c allows an attacker to bypass bounds checks by providing large image dimensions, resulting in a heap out-of-bounds rea...
CVE-2026-28231
pillow_heif is a Python library for working with HEIF images and plugin for Pillow. Prior to version 1.3.0, an integer overflow in the encode path buffer validation of _pillow_heif.c allows an attacker to bypass bounds checks by providing large image dimensions, resulting in a heap out-of-bounds rea...
EUVD-2026-9061
pillow_heif is a Python library for working with HEIF images and plugin for Pillow. Prior to version 1.3.0, an integer overflow in the encode path buffer validation of _pillow_heif.c allows an attacker to bypass bounds checks by providing large image dimensions, resulting in a heap out-of-bounds rea...
CVE-2026-28231
CVE-2026-28231 affects pillow_heif prior to 1.3.0. An integer overflow in the encode path buffer validation of _pillow_heif.c allows bypassing bounds checks when large image dimensions are provided, causing a heap out-of-bounds read. Reported consequences include information disclosure (server hea...
pillow-heif Input Validation Error Vulnerability
Pillow-Heif is a Python library and Pillow plugin developed by Alexander Piskun for processing HEIF images. Versions of Pillow-Heif prior to 1.3.0 contained a vulnerability related to input validation errors. This vulnerability stemmed from integer overflows that bypassed boundary checks,...
PT-2026-22391
Name of the Vulnerable Software and Affected Versions: pillow heif versions prior to 1.3.0. Description: An integer overflow in the encode path buffer validation within pillow heif.c allows an attacker to bypass bounds checks by providing large image dimensions. This can lead to a heap out-of-bounds...