7 matches found

RedhatCVE
added 2026/06/05 7:36 p.m., 9 views

CVE-2026-41069

A flaw was found in libheif, a HEIF (High Efficiency Image File Format) and AVIF file format decoder and encoder. A remote attacker could exploit this vulnerability by providing a specially crafted, malformed HEIF sequence file. This malformed file can trigger an out-of-bounds read during the core...

6.5 CVSS, 4.3 AI score, 0.00253 EPSS
Exploits: 1, References: 2

OSV
added 2026/06/05 3:18 p.m., 7 views

JLSEC-2026-574

libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and prior, a crafted HEIF sequence file where the saiz box declares more samples than actually exist in the track's chunk table causes a heap-buffer-overflow out-of-bounds read in the SampleAuxInfoReader constructor. T...

5.1 CVSS, 5.2 AI score, 0.00302 EPSS
Exploits: 1, References: 2

Positive Technologies
added 2026/06/05 12:0 a.m., 6 views

PT-2026-49257

libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and prior, a crafted HEIF sequence file where the saiz box declares more samples than actually exist in the track's chunk table causes a heap-buffer-overflow out-of-bounds read in the SampleAuxInfoReader constructor. T...

5.1 CVSS, 5.3 AI score
Exploits: 0, References: 3

Positive Technologies
added 2026/06/05 12:0 a.m., 7 views

PT-2026-49256

libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and prior, a malformed HEIF sequence file can trigger an out-of-bounds read in core sequence parsing logic, causing DoS. A malformed file can have stco.entry count == 0 creating no chunks while still passing validation...

6.5 CVSS, 5.4 AI score
Exploits: 0, References: 3

UbuntuCve
added 2026/05/22 10:16 p.m., 7 views

CVE-2026-41071

libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and prior, a crafted HEIF sequence file where the saiz box declares more samples than actually exist in the track's chunk table causes a heap-buffer-overflow out-of-bounds read in the SampleAuxInfoReader constructor. T...

8.1 CVSS, 5.7 AI score, 0.00302 EPSS
Exploits: 1, References: 3

ATTACKERKB
added 2026/05/22 8:59 p.m., 8 views

CVE-2026-41071

libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and prior, a crafted HEIF sequence file where the saiz box declares more samples than actually exist in the track's chunk table causes a heap-buffer-overflow out-of-bounds read in the SampleAuxInfoReader constructor. T...

5.1 CVSS, 5.8 AI score, 0.00302 EPSS
Exploits: 1, References: 3, Affected Software: 1

CNNVD
added 2026/05/22 12:0 a.m., 8 views

libheif buffer error vulnerability

LibHEIF is an open-source decoder and encoder for the ISO/IEC 23008-12:2017 HEIF file format developed by Struktur. Versions of LibHEIF prior to 1.21.2 contain a buffer error vulnerability. This vulnerability arises from the fact that the number of samples declared in the saiz frame exceeds the...

8.1 CVSS, 6 AI score, 0.00302 EPSS
Exploits: 1, References: 2