11 matches found
TencentOS Server 4: libheif (TSSA-2024:0637)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0637 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
Fedora: Security Advisory (FEDORA-2023-692921aeb2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Updated libheif packages fix security vulnerabilities
Yuchuan Meng discovered that libheif incorrectly handled certain image data. An attacker could possibly use this issue to crash the program, resulting in a denial of service. CVE-2023-49460, CVE-2023-49462, CVE-2023-49463, CVE-2023-49464...
MGASA-2024-0243 Updated libheif packages fix security vulnerabilities
Yuchuan Meng discovered that libheif incorrectly handled certain image data. An attacker could possibly use this issue to crash the program, resulting in a denial of service. CVE-2023-49460, CVE-2023-49462, CVE-2023-49463, CVE-2023-49464...
Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.10 : libheif vulnerabilities (USN-6847-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6847-1 advisory. It was discovered that libheif incorrectly handled certain image data. An attacker could possibly use this issue to crash...
Ubuntu: Security Advisory (USN-6847-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 40 : libheif (2023-692921aeb2)
The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-692921aeb2 advisory. Automatic update for libheif-1.17.5-1.fc40. Changelog Fri Dec 15 2023 Dominik Mierzejewski - 1.17.5-2 - Update to 1.17.5 rhbz2244583 - Backport fixe...
CVE-2023-49460
libheif v1.17.5 was discovered to contain a segmentation violation via the function UncompressedImageCodec::decodeuncompressedimage...
UBUNTU-CVE-2023-49460
libheif v1.17.5 was discovered to contain a segmentation violation via the function UncompressedImageCodec::decodeuncompressedimage...
CVE-2023-49460
libheif v1.17.5 was discovered to contain a segmentation violation via the function UncompressedImageCodec::decodeuncompressedimage...
CVE-2023-49460
CVE-2023-49460 affects libheif version 1.17.5 where the segmentation violation occurs in UncompressedImageCodec::decode_uncompressed_image. Connected advisories confirm this leads to crashes and potential denial of service under exploitation, with CVSS v3.1 base score 8.8 (NETWORK, HIGH) and no p...