CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-0996

There is a vulnerability in the strided image data parsing code in the emscripten wrapper for libheif. An attacker could exploit this through a crafted image file to cause a buffer overflow in linear memory during a memcpy call.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 37.7%

CVSS Severity

CVSS v3 Score 7.8

References

https://github.com/strukturag/libheif/pull/759
https://govtech-csg.github.io/security-advisories/2023/02/24/CVE-2023-0996.html
https://github.com/strukturag/libheif/pull/759
https://govtech-csg.github.io/security-advisories/2023/02/24/CVE-2023-0996.html

Products affected by CVE-2023-0996

Struktur » Libheif » Version: 1.14.2

cpe:2.3:a:struktur:libheif:1.14.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-0996

Products

Pricing

Contact Us