453 matches found
GHSA-5PMV-RX8R-WMV5 jxl-grid on 32-bit platforms has an out-of-bounds writes due to integer overflow
Summary On 32-bit platforms, decoding a crafted image may lead to out-of-bounds writes due to integer overflow in length calculation. Details & PoC The test listed below fail under miri with command cargo +nightly miri test --release -p jxl-grid Or you can use Address Sanitizer, which ignores...
Pillow: Pillow: Denial of Service via decompression bomb in FITS image processing
A flaw was found in Pillow, a Python imaging library. This vulnerability allows a remote attacker to trigger a denial of service DoS by providing a specially crafted FITS image file. The library's failure to limit the amount of GZIP-compressed data during decoding can lead to unbounded memory...
DEBIAN-CVE-2026-46604
The TIFF decoder can panic when decoding an invalid image with an out-of-bounds strip offset...
CVE-2026-46523
CVE-2026-46523 is a use-after-free in ImageMagick’s MSL image handling. A crafted MSL image can trigger a heap-use-after-free, affecting versions prior to 7.1.2.23 and 6.9.13-48. The issue is fixed in 7.1.2.23 and 6.9.13-48. If you rely on ImageMagick, upgrade to one of the fixed releases to reme...
Arbitrary File Upload
Overview Affected versions of this package are vulnerable to Arbitrary File Upload through the image decoding process. An attacker can cause the server process to crash by uploading a specially crafted TIFF file that triggers excessive memory allocation. Remediation Upgrade...
Amazon Linux 2023 : heif-pixbuf-loader, libheif, libheif-devel (ALAS2023-2026-1814)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1814 advisory. libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and prior contain a heap- buffer-overflow write vulnerability in the grid tile compositing, allowing an attacker to...
PT-2026-49255
libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and prior contain a heap-buffer-overflow write vulnerability in the grid tile compositing, allowing an attacker to write 64 bytes of fully attacker-controlled data past the end of a chroma plane heap allocation by craftin...
CVE-2026-42500 Panic when reading out of bound palette index in golang.org/x/image/bmp
Decoding a paletted BMP file with an out-of-range palette index results in a panic when accessing pixels in the invalid image...
Out-of-bounds writes due to integer overflow in jxl-grid on 32-bit platforms
On 32-bit platforms, decoding a crafted image may lead to out-of-bounds writes due to integer overflow in length calculation. This could allow arbitrary code execution. Details & PoC The test listed below fail under miri with command cargo +nightly miri test --release -p jxl-grid Or you can use...
CVE-2025-70103
Heap buffer overflow vulnerability in libjxl 0.12.0 via crafted PBM images to the jxl::extras::DecodeImagePNM function in file lib/extras/dec/pnm.cc...
CVE-2025-70103
CVE-2025-70103 is a heap buffer overflow in libjxl 0.12.0 triggered by crafted PBM images, targeting the jxl::extras::DecodeImagePNM function in lib/extras/dec/pnm.cc . The CVSSv3.1 base score is 7.3 (HIGH) with a NETWORK attack vector, requiring no privileges and only user interaction, and impac...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: spice (UTSA-2026-016604)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016604 advisory. Multiple buffer overflow vulnerabilities were found in the QUIC image decoding process of the SPICE remote display system, before spice-0.14.2-1. Both the SPICE clie...
Linux Distros Unpatched Vulnerability : CVE-2026-32741
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and below contain a heap buffer overflow in MaskImageCodec::decodemaskimage. When...
SUSE CVE-2026-32740
libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and prior contain a heap-buffer-overflow write vulnerability in the grid tile compositing, allowing an attacker to write 64 bytes of fully attacker-controlled data past the end of a chroma plane heap allocation by craftin...
SUSE CVE-2026-32741
libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and below contain a heap buffer overflow in MaskImageCodec::decodemaskimage. When decoding a HEIF file containing a mask image mski, the function copies the full iloc extent data into a pixel buffer using memcpydst,...
SUSE CVE-2026-32814
libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and prior, when decoding a HEIF grid image with strictdecoding=false the default, a corrupted tile silently fails to decode and the library returns heiferrorOk with no indication of failure, leading to an uninitialized...
Astra Linux – Vulnerability in libpng1.6
A issue has been identified in third-party PNM decoding related to libpng 1.6.35. It is a stack-based buffer overflow in the gettoken function located in the pnm2png.c file within pnm2png...
CVE-2026-32741
A flaw was found in libheif, a library for decoding and encoding HEIF High Efficiency Image File Format and AVIF files. A remote attacker could exploit a heap buffer overflow vulnerability in the MaskImageCodec::decodemaskimage function by providing a specially crafted HEIF file containing a mask...
Out-of-bounds Write
Overview Affected versions of this package are vulnerable to Out-of-bounds Write through the image decoding process when handling grid tile chroma compositing. An attacker can execute arbitrary code or cause a denial of service by crafting a specially designed HEIF/AVIF file with a 1×4 grid of...
DEBIAN-CVE-2026-32814
libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and prior, when decoding a HEIF grid image with strictdecoding=false the default, a corrupted tile silently fails to decode and the library returns heiferrorOk with no indication of failure, leading to an uninitialized...