3 matches found
Heap-based Buffer Overflow
Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow in the HEIF decoder due to a subimage metadata mismatch. An attacker can achieve memory corruption and potentially execute arbitrary code by supplying a specially crafted image file. Remediation Upgrade...
Out-of-bounds Read
Overview Affected versions of this package are vulnerable to Out-of-bounds Read due to improper bounds checking in the decodepixel process. An attacker can trigger an out-of-bounds read by supplying a specially crafted TGA paletted image that causes integer wraparound during palette index...
Integer Overflow or Wraparound
Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound in the jpeg2000input.cpp process when calculating buffer size using signed 32-bit arithmetic. An attacker can trigger a heap overflow by providing crafted image dimensions that cause integer overflow,...