Lucene search
Veracode Vulnerability DatabaseVERACODE:32830HistoryNov 05, 2021 - 12:59 p.m.
Denial Of Service (DoS) Through Heap Buffer Overflow
2021-11-0512:59:57
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
7
0.002 Low
EPSS
Percentile
61.1%
libheif.so is vulnerable to denial of service through heap-based buffer overflow attacks. The vulnerability exists in ‘convert_colorspace’ in ‘heif_colorconversion.cc’ of the heif file handler. A malicious attacker is able to send a crafted HEIF to gain sensitive information and cause an application crash.
| CPE | Name | Operator | Version |
|---|---|---|---|
| libheif.so | eq | 1.6.2 | |
| libheif.so | eq | 1.6.2 |
Related
debiancve
debiancve
CVE-2020-23109
2021-11-03 17:15:08
nvd
nvd
CVE-2020-23109
2021-11-03 17:15:08
ubuntucve
ubuntucve
CVE-2020-23109
2021-11-03 00:00:00
prion
prion
Buffer overflow
2021-11-03 17:15:00
cvelist
cvelist
CVE-2020-23109
2021-11-03 16:07:03
cnvd
cnvd
libheif buffer overflow vulnerability
2021-11-04 00:00:00
osv
osv
CVE-2020-23109
2021-11-03 17:15:08
libheif vulnerabilities
2024-06-25 16:50:16
cve
cve
CVE-2020-23109
2021-11-03 17:15:08
mageia
mageia
Updated libheif packages fix security vulnerabilities
2024-06-28 05:41:31
nessus
nessus
openvas
openvas
Mageia: Security Advisory (MGASA-2024-0243)
2024-06-28 00:00:00
Ubuntu: Security Advisory (USN-6847-1)
2024-06-26 00:00:00
ubuntu
ubuntu
libheif vulnerabilities
2024-06-25 00:00:00