2 matches found
Infinite loop
Overview Affected versions of this package are vulnerable to Infinite loop in the getsampleduration function. An attacker can cause the application to enter an infinite loop and consume excessive CPU resources by providing a specially crafted HEIF file during file parsing. Remediation A fix was...
Buffer Over-read
Overview Affected versions of this package are vulnerable to Buffer Over-read via the ptpunpackEOSFocusInfoEx function. An attacker can cause a crash and potentially access sensitive memory contents by supplying specially crafted input from a malicious USB device. Remediation A fix was pushed int...