libheif.so is vulnerable to denial of service through heap-based buffer overflow attacks. The vulnerability exists in ‘convert_colorspace’ in ‘heif_colorconversion.cc’ of the heif file handler. A malicious attacker is able to send a crafted HEIF to gain sensitive information and cause an application crash.
CPE | Name | Operator | Version |
---|---|---|---|
libheif.so | eq | 1.6.2 | |
libheif.so | eq | 1.6.2 |