Struktur: >> Libheif Security Vulnerabilities
There is a vulnerability in the strided image data parsing code in the emscripten wrapper for libheif. An attacker could exploit this through a crafted image file to cause a buffer overflow in linear memory during a memcpy call.
CVSS Score
7.8
EPSS Score
0.002
Published
2023-02-24
Buffer overflow vulnerability in function convert_colorspace in heif_colorconversion.cc in libheif v1.6.2, allows attackers to cause a denial of service and disclose sensitive information, via a crafted HEIF file.
CVSS Score
8.1
EPSS Score
0.003
Published
2021-11-03
Floating point exception in function Fraction in libheif 1.4.0, allows attackers to cause a Denial of Service or possibly other unspecified impacts.
CVSS Score
8.8
EPSS Score
0.004
Published
2021-07-21
An issue was discovered in heif::Box_iref::get_references in libheif 1.4.0, allows attackers to cause a Denial of Service or possibly other unspecified impact due to an invalid memory read.
CVSS Score
8.8
EPSS Score
0.004
Published
2021-07-21
libheif 1.4.0 has a use-after-free in heif::HeifContext::Image::set_alpha_channel in heif_context.h because heif_context.cc mishandles references to non-existing alpha images.
CVSS Score
8.8
EPSS Score
0.003
Published
2019-04-23
Page 2