Lucene search
K

4 matches found

Positive Technologies
Positive Technologies
added 2026/06/05 12:0 a.m.8 views

PT-2026-49255

libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and prior contain a heap-buffer-overflow write vulnerability in the grid tile compositing, allowing an attacker to write 64 bytes of fully attacker-controlled data past the end of a chroma plane heap allocation by craftin...

8.8CVSS5.4AI score
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/05/22 12:0 a.m.13 views

Linux Distros Unpatched Vulnerability : CVE-2026-32814

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and prior, when decoding a HEIF grid image with strictdecoding=false the default,...

6.5CVSS5.7AI score0.00303EPSS
Exploits0References3
Snyk
Snyk
added 2026/05/19 9:51 p.m.12 views

Use of Uninitialized Resource

Overview Affected versions of this package are vulnerable to Use of Uninitialized Resource in the decoding process of grid-based HEIF or AVIF images when a corrupted tile fails to decode and the library returns a success status, resulting in uninitialized heap memory being exposed as pixel data. ...

7.1CVSS5.8AI score0.00303EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/19 12:0 a.m.10 views

PT-2026-42006

Name of the Vulnerable Software and Affected Versions libheif versions prior to 1.22.0 Description When decoding a HEIF grid image with strict decoding set to false the default, a corrupted tile may fail to decode silently. The library returns heif error Ok without indicating failure, resulting i...

7.1CVSS5.8AI score0.00343EPSS
Exploits1References76
Rows per page
Query Builder