Struktur: >> Libheif >> 1.14.2 Security Vulnerabilities
libheif before 1.19.6 has a NULL pointer dereference in ImageItem_iden in image-items/iden.cc.
CVSS Score
2.9
EPSS Score
0.0
Published
2025-04-21
libheif before 1.19.6 has a NULL pointer dereference in ImageItem_Grid::get_decoder in image-items/grid.cc because a grid image can reference a nonexistent image item.
CVSS Score
2.9
EPSS Score
0.0
Published
2025-04-21
libheif <= 1.17.6 contains a memory leak in the function JpegEncoder::Encode. This flaw allows an attacker to cause a denial of service attack.
CVSS Score
7.5
EPSS Score
0.001
Published
2024-03-05
There is a vulnerability in the strided image data parsing code in the emscripten wrapper for libheif. An attacker could exploit this through a crafted image file to cause a buffer overflow in linear memory during a memcpy call.
CVSS Score
7.8
EPSS Score
0.002
Published
2023-02-24