Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2026/06/30 6:45 a.m.6 views

CVE-2026-49271

A flaw was found in libheif, a decoder and encoder for HEIF and AVIF file formats. A remote attacker could exploit this vulnerability by providing a specially crafted HEIF file. The uncompressed HEIF decoder's validation of icef compressed-unit offsets can experience an integer wrap-around. This...

6.5CVSS5.8AI score0.00199EPSS
Exploits0References4
Snyk
Snyk
added 2026/06/19 7:8 p.m.6 views

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read in the uncompressed HEIF decoder process. An attacker can cause a crash by supplying a crafted HEIF file that manipulates compressed-unit offsets to trigger an out-of-bounds heap read. Remediation A fix was pushed int...

7.1CVSS5.8AI score0.00199EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/22 8:59 p.m.11 views

EUVD-2026-31501

libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and prior, a crafted HEIF sequence file where the saiz box declares more samples than actually exist in the track's chunk table causes a heap-buffer-overflow out-of-bounds read in the SampleAuxInfoReader constructor. T...

5.1CVSS5.8AI score0.00302EPSS
Exploits1References2
CNNVD
CNNVD
added 2025/12/29 12:0 a.m.6 views

libheif 输入验证错误漏洞

libheif is an ISO/IEC 23008-12:2017 HEIF file format decoder and encoder from struktur open source. An input validation error vulnerability exists in versions prior to libheif 1.21.0, which stems from a specially crafted HEIF file triggering an over-read of the heap buffer, which may result in a...

7.1CVSS7.2AI score0.00267EPSS
Exploits1References4
CNNVD
CNNVD
added 2021/11/03 12:0 a.m.8 views

libheif 缓冲区错误漏洞

libheif is an ISO/IEC 23008-12:2017 HEIF file format decoder and encoder. libheif version 1.6.2 contains a buffer overflow vulnerability in the convertcolorspace function in heifcolorconversion.cc. An attacker can exploit this vulnerability to cause a denial of service and disclose sensitive...

8.1CVSS6AI score0.01245EPSS
Exploits1References3
Rows per page
Query Builder