12 matches found
JLSEC-2026-156
libheif is an HEIF and AVIF file format decoder and encoder. Prior to version 1.21.0, a crafted HEIF that exercises the overlay image item path triggers a heap buffer over-read in HeifPixelImage::overlay. The function computes a negative row length likely from an unclipped overlay rectangle or...
Advisory ROSA-SA-2026-3256
software: libheif 1.12.0 WASP: ROSA-CHROME unaffected versions = libheif-1.12.0-6 affected versions libheif-1.12.0-6 CVE-ID: CVE-2025-68431 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: In libheif HEIF/AVIF decoder/encoder before 1.21.0, when processing a specially formed HEIF with an overlay element ...
Amazon Linux 2023 : heif-pixbuf-loader, libheif, libheif-devel (ALAS2023-2026-1363)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1363 advisory. libheif is an HEIF and AVIF file format decoder and encoder. Prior to version 1.21.0, a crafted HEIF that exercises the overlay image item path triggers a heap buffer over-read in...
SUSE CVE-2025-68431
libheif is an HEIF and AVIF file format decoder and encoder. Prior to version 1.21.0, a crafted HEIF that exercises the overlay image item path triggers a heap buffer over-read in HeifPixelImage::overlay. The function computes a negative row length likely from an unclipped overlay rectangle or...
ALPINE-CVE-2025-68431
libheif is an HEIF and AVIF file format decoder and encoder. Prior to version 1.21.0, a crafted HEIF that exercises the overlay image item path triggers a heap buffer over-read in HeifPixelImage::overlay. The function computes a negative row length likely from an unclipped overlay rectangle or...
UBUNTU-CVE-2025-68431
libheif is an HEIF and AVIF file format decoder and encoder. Prior to version 1.21.0, a crafted HEIF that exercises the overlay image item path triggers a heap buffer over-read in HeifPixelImage::overlay. The function computes a negative row length likely from an unclipped overlay rectangle or...
CVE-2025-68431
libheif is an HEIF and AVIF file format decoder and encoder. Prior to version 1.21.0, a crafted HEIF that exercises the overlay image item path triggers a heap buffer over-read in HeifPixelImage::overlay. The function computes a negative row length likely from an unclipped overlay rectangle or...
CVE-2025-68431 libheif has Potential Heap Buffer Over-Read
libheif is an HEIF and AVIF file format decoder and encoder. Prior to version 1.21.0, a crafted HEIF that exercises the overlay image item path triggers a heap buffer over-read in HeifPixelImage::overlay. The function computes a negative row length likely from an unclipped overlay rectangle or...
EUVD-2025-205646
libheif is an HEIF and AVIF file format decoder and encoder. Prior to version 1.21.0, a crafted HEIF that exercises the overlay image item path triggers a heap buffer over-read in HeifPixelImage::overlay. The function computes a negative row length likely from an unclipped overlay rectangle or...
CVE-2025-68431
CVE-2025-68431 affects libheif prior to 1.21.0. A crafted HEIF can trigger a heap buffer over-read in HeifPixelImage::overlay() when an overlay path yields a negative row length, which underflows to size_t and causes a large read past the source plane, potentially crashing. A patch exists in 1.21...
CVE-2025-68431 libheif has Potential Heap Buffer Over-Read
libheif is an HEIF and AVIF file format decoder and encoder. Prior to version 1.21.0, a crafted HEIF that exercises the overlay image item path triggers a heap buffer over-read in HeifPixelImage::overlay. The function computes a negative row length likely from an unclipped overlay rectangle or...
PT-2025-53782
Name of the Vulnerable Software and Affected Versions libheif versions prior to 1.21.0 Description libheif is a decoder and encoder for HEIF and AVIF file formats. A specially crafted HEIF file that utilizes the overlay image item path can cause a heap buffer over-read in the...