Lucene search
+L

19 matches found

osv
osv
added 2026/06/24 11:55 a.m.2 views

SUSE-SU-2026:2622-1 Security update for libheif

This update for libheif fixes the following issues Update to 1.23.0: - CVE-2025-68431: heap buffer over-read in HeifPixelImage: overlay via crafted HEIF that exercises the overlay image item bsc1255735. - CVE-2026-3950: manipulation of the component stsz/stts can lead to out-of-bounds read...

8.8CVSS6.1AI score0.00514EPSS
Exploits6References45
amazon
amazon
added 2026/06/08 12:0 a.m.13 views

Important: libheif

Issue Overview: libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and prior contain a heap-buffer-overflow write vulnerability in the grid tile compositing, allowing an attacker to write 64 bytes of fully attacker-controlled data past the end of a chroma plane heap...

8.8CVSS5.5AI score0.00514EPSS
Exploits1
osv
osv
added 2026/06/05 3:18 p.m.10 views

JLSEC-2026-572

libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and prior contain a heap-buffer-overflow write vulnerability in the grid tile compositing, allowing an attacker to write 64 bytes of fully attacker-controlled data past the end of a chroma plane heap allocation by craftin...

8.8CVSS5.3AI score0.00514EPSS
Exploits1References2
nessus
nessus
added 2026/05/22 12:0 a.m.85 views

Linux Distros Unpatched Vulnerability : CVE-2026-32740

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and prior contain a heap- buffer-overflow write vulnerability in the grid tile...

8.8CVSS6AI score0.00514EPSS
Exploits1References2
susecve
susecve
added 2026/05/21 2:29 a.m.18 views

SUSE CVE-2026-32740

libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and prior contain a heap-buffer-overflow write vulnerability in the grid tile compositing, allowing an attacker to write 64 bytes of fully attacker-controlled data past the end of a chroma plane heap allocation by craftin...

7.8CVSS5.8AI score0.00514EPSS
Exploits1References5
redhatcve
redhatcve
added 2026/05/19 11:19 p.m.15 views

CVE-2026-32740

A flaw was found in libheif, a library for decoding and encoding HEIF and AVIF image files. This heap-buffer-overflow vulnerability allows a remote attacker to write arbitrary data beyond the intended memory boundary. By crafting a malicious HEIF/AVIF file with a specific grid tile configuration,...

8.8CVSS6.3AI score0.00514EPSS
Exploits1References5
redhatcve
redhatcve
added 2026/05/19 11:9 p.m.10 views

CVE-2026-32814

A flaw was found in libheif, a HEIF and AVIF file format decoder and encoder. When processing a specially crafted HEIF or AVIF image containing a corrupted grid tile, the library fails to properly initialize memory. This can lead to an information disclosure, where uninitialized heap memory,...

6.5CVSS5.8AI score0.00303EPSS
Exploits0References5
snyk
snyk
added 2026/05/19 9:51 p.m.9 views

Out-of-bounds Write

Overview Affected versions of this package are vulnerable to Out-of-bounds Write through the image decoding process when handling grid tile chroma compositing. An attacker can execute arbitrary code or cause a denial of service by crafting a specially designed HEIF/AVIF file with a 1×4 grid of...

8.8CVSS6.2AI score0.00514EPSS
Exploits1References2
osv
osv
added 2026/05/19 8:16 p.m.9 views

DEBIAN-CVE-2026-32740

libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and prior contain a heap-buffer-overflow write vulnerability in the grid tile compositing, allowing an attacker to write 64 bytes of fully attacker-controlled data past the end of a chroma plane heap allocation by craftin...

8.8CVSS5.8AI score0.00514EPSS
Exploits1References1
nvd
nvd
added 2026/05/19 8:16 p.m.27 views

CVE-2026-32740

libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and prior contain a heap-buffer-overflow write vulnerability in the grid tile compositing, allowing an attacker to write 64 bytes of fully attacker-controlled data past the end of a chroma plane heap allocation by craftin...

8.8CVSS0.00514EPSS
Exploits1References5
osv
osv
added 2026/05/19 8:16 p.m.17 views

UBUNTU-CVE-2026-32740

libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and prior contain a heap-buffer-overflow write vulnerability in the grid tile compositing, allowing an attacker to write 64 bytes of fully attacker-controlled data past the end of a chroma plane heap allocation by craftin...

8.8CVSS5.8AI score0.00514EPSS
Exploits1References5
ubuntucve
ubuntucve
added 2026/05/19 8:16 p.m.10 views

CVE-2026-32740

libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and prior contain a heap-buffer-overflow write vulnerability in the grid tile compositing, allowing an attacker to write 64 bytes of fully attacker-controlled data past the end of a chroma plane heap allocation by craftin...

8.8CVSS5.9AI score0.00514EPSS
Exploits1References4
cvelist
cvelist
added 2026/05/19 7:22 p.m.45 views

CVE-2026-32740 libheif: Heap-Buffer-Overflow Write in Grid Tile Chroma Compositing

libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and prior contain a heap-buffer-overflow write vulnerability in the grid tile compositing, allowing an attacker to write 64 bytes of fully attacker-controlled data past the end of a chroma plane heap allocation by craftin...

8.8CVSS0.00514EPSS
Exploits1References2
debiancve
debiancve
added 2026/05/19 7:22 p.m.11 views

CVE-2026-32740

libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and prior contain a heap-buffer-overflow write vulnerability in the grid tile compositing, allowing an attacker to write 64 bytes of fully attacker-controlled data past the end of a chroma plane heap allocation by craftin...

8.8CVSS5.8AI score0.00514EPSS
Exploits1
osv
osv
added 2026/05/19 7:22 p.m.3 views

CVE-2026-32740 libheif: Heap-Buffer-Overflow Write in Grid Tile Chroma Compositing

libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and prior contain a heap-buffer-overflow write vulnerability in the grid tile compositing, allowing an attacker to write 64 bytes of fully attacker-controlled data past the end of a chroma plane heap allocation by craftin...

8.8CVSS5.9AI score0.00514EPSS
Exploits1References7
euvd
euvd
added 2026/05/19 7:22 p.m.15 views

EUVD-2026-30978

libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and prior contain a heap-buffer-overflow write vulnerability in the grid tile compositing, allowing an attacker to write 64 bytes of fully attacker-controlled data past the end of a chroma plane heap allocation by craftin...

8.8CVSS5.8AI score0.00514EPSS
Exploits1References2
vulnrichment
vulnrichment
added 2026/05/19 7:22 p.m.8 views

CVE-2026-32740 libheif: Heap-Buffer-Overflow Write in Grid Tile Chroma Compositing

libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and prior contain a heap-buffer-overflow write vulnerability in the grid tile compositing, allowing an attacker to write 64 bytes of fully attacker-controlled data past the end of a chroma plane heap allocation by craftin...

8.8CVSS5.8AI score0.00514EPSS
Exploits1References2
alpinelinux
alpinelinux
added 2026/05/19 7:22 p.m.19 views

CVE-2026-32740

libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and prior contain a heap-buffer-overflow write vulnerability in the grid tile compositing, allowing an attacker to write 64 bytes of fully attacker-controlled data past the end of a chroma plane heap allocation by craftin...

8.8CVSS5.8AI score0.00514EPSS
Exploits1
ptsecurity
ptsecurity
added 2026/05/19 12:0 a.m.15 views

PT-2026-42003

Name of the Vulnerable Software and Affected Versions libheif versions prior to 1.22.0 Description A heap-buffer-overflow write exists in the grid tile compositing of the HEIF and AVIF file format decoder and encoder. An attacker can write 64 bytes of controlled data past the end of a chroma plan...

8.8CVSS5.8AI score0.00514EPSS
Exploits3References81
Rows per page
Query Builder