11 matches found
Debian: Security Advisory (DLA-3945-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian dla-3945 : heif-gdk-pixbuf - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3945 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3945-1 [email protected]...
MGASA-2024-0243 Updated libheif packages fix security vulnerabilities
Yuchuan Meng discovered that libheif incorrectly handled certain image data. An attacker could possibly use this issue to crash the program, resulting in a denial of service. CVE-2023-49460, CVE-2023-49462, CVE-2023-49463, CVE-2023-49464...
Updated libheif packages fix security vulnerabilities
Yuchuan Meng discovered that libheif incorrectly handled certain image data. An attacker could possibly use this issue to crash the program, resulting in a denial of service. CVE-2023-49460, CVE-2023-49462, CVE-2023-49463, CVE-2023-49464...
Ubuntu: Security Advisory (USN-6847-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.10 : libheif vulnerabilities (USN-6847-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6847-1 advisory. It was discovered that libheif incorrectly handled certain image data. An attacker could possibly use this issue to crash...
Mageia: Security Advisory (MGASA-2023-0144)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Updated libheif packages fix security vulnerability
Vulnerability in the strided image data parsing code in the emscripten wrapper for libheif. An attacker could exploit this through a crafted image file to cause a buffer overflow in linear memory during a memcpy call. CVE-2023-0996...
SUSE SLED15: gdk-pixbuf-loader-libheif / libheif-devel / libheif1 / etc (SUSE-SU-2023:1766-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:1766-1 advisory. - CVE-2023-0996: Fixed a buffer overflow in heifjsdecodeimage bsc1208640. Tenable has extracted the...
SUSE-SU-2023:1766-1 Security update for libheif
This update for libheif fixes the following issues: - CVE-2023-0996: Fixed a buffer overflow in heifjsdecodeimage bsc1208640...
CVE-2023-0996
CVE-2023-0996 affects libheif (strided image data parsing in the Emscripten wrapper), enabling a crafted image to trigger a buffer overflow in linear memory during memcpy. Connected advisories confirm libheif as the affected component across multiple distros (Debian DLA-3945; Mageia update; Ubunt...