Lucene search
+L

9 matches found

CVE
CVE
added 2025/04/20 12:0 a.m.141 views

CVE-2025-43967

CVE-2025-43967 involves a NULL pointer dereference in libheif

7.5CVSS7.2AI score0.00384EPSS
CVE
CVE
added 2026/05/22 8:59 p.m.90 views

CVE-2026-41071

CVE-2026-41071 affects libheif up to version 1.21.2. A crafted HEIF sequence file where the saiz box declares more samples than actually exist can trigger a heap‑buffer‑overflow (out‑of‑bounds read) in the SampleAuxInfoReader constructor when parsing via heif_context_read_from_file. The reader it...

8.1CVSS5.8AI score0.00302EPSS
CVE
CVE
added 2025/04/20 12:0 a.m.87 views

CVE-2025-43966

CVE-2025-43966 affects libheif prior to 1.19.6, with a NULL pointer dereference in ImageItem_iden (iden.cc). Root cause: dereference of a null item reference leading to potential crash. Impact: availability may be reduced (per CVSS in public entry). Remediation: upgrade libheif to version 1.19.6 ...

7.5CVSS7.1AI score0.00279EPSS
CVE
CVE
added 2026/05/19 7:22 p.m.71 views

CVE-2026-32740

libheif (HEIF/AVIF decoder/encoder) versions

8.8CVSS5.8AI score0.00514EPSS
CVE
CVE
added 2026/05/22 8:49 p.m.68 views

CVE-2026-41069

Summary: CVE-2026-41069 affects libheif up to v1.21.2, where a malformed HEIF sequence can trigger an out-of-bounds read in core sequence parsing, leading to DoS. The issue occurs when stco.entry_count == 0 but saiz.sample_count > 0, causing the SampleAuxInfoReader loop to dereference an empty...

6.5CVSS5.8AI score0.00253EPSS
CVE
CVE
added 2025/12/29 7:9 p.m.38 views

CVE-2025-68431

CVE-2025-68431 affects libheif prior to version 1.21.0, where a crafted HEIF exploiting the overlay image item path triggers a heap buffer over-read in HeifPixelImage::overlay() . The root cause is a negative row length (likely from an unclipped overlay rectangle or invalid offsets) that underflo...

7.1CVSS6.6AI score0.00267EPSS
CVE
CVE
added 2026/05/19 7:3 p.m.33 views

CVE-2026-32738

libheif (versions

6.5CVSS5.7AI score0.00301EPSS
CVE
CVE
added 2026/06/19 5:16 p.m.32 views

CVE-2026-49271

CVE-2026-49271 affects libheif prior to 1.22.1. The uncompressed HEIF decoder validates icef compressed-unit offsets with unit_offset + unit_size, which can wrap and allow constructing iterators outside the compressed item buffer, causing an out-of-bounds heap read and crash. This vulnerability i...

6.5CVSS5.8AI score0.00199EPSS
CVE
CVE
added 2026/05/19 7:10 p.m.28 views

CVE-2026-32739

libheif (HEIF/AVIF decoder) is affected through versions 1.21.2 and earlier, where a crafted 800-byte HEIF sequence file can trigger an infinite loop in Box_stts::get_sample_duration() during parsing, causing 100% CPU DoS with no progress and no crashログ. The issue is triggered on file open and is...

6.5CVSS5.7AI score0.0032EPSS