Struktur Libheif
By the Year
In 2024 there have been 0 vulnerabilities in Struktur Libheif . Last year Libheif had 6 security vulnerabilities published. Right now, Libheif is on track to have less security vulnerabilities in 2024 than it did last year.
Year | Vulnerabilities | Average Score |
---|---|---|
2024 | 0 | 0.00 |
2023 | 6 | 8.25 |
2022 | 0 | 0.00 |
2021 | 3 | 8.57 |
2020 | 0 | 0.00 |
2019 | 1 | 8.80 |
2018 | 0 | 0.00 |
It may take a day or so for new Libheif vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Struktur Libheif Security Vulnerabilities
libheif v1.17.5 was discovered to contain a segmentation violation
CVE-2023-49464
8.8 - High
- December 07, 2023
libheif v1.17.5 was discovered to contain a segmentation violation via the function UncompressedImageCodec::get_luma_bits_per_pixel_from_configuration_unci.
libheif v1.17.5 was discovered to contain a segmentation violation
CVE-2023-49463
8.8 - High
- December 07, 2023
libheif v1.17.5 was discovered to contain a segmentation violation via the function find_exif_tag at /libheif/exif.cc.
libheif v1.17.5 was discovered to contain a segmentation violation
CVE-2023-49462
8.8 - High
- December 07, 2023
libheif v1.17.5 was discovered to contain a segmentation violation via the component /libheif/exif.cc.
libheif v1.17.5 was discovered to contain a segmentation violation
CVE-2023-49460
8.8 - High
- December 07, 2023
libheif v1.17.5 was discovered to contain a segmentation violation via the function UncompressedImageCodec::decode_uncompressed_image.
A Segmentation fault caused by a floating point exception exists in libheif 1.15.1 using crafted heif images
CVE-2023-29659
6.5 - Medium
- May 05, 2023
A Segmentation fault caused by a floating point exception exists in libheif 1.15.1 using crafted heif images via the heif::Fraction::round() function in box.cc, which causes a denial of service.
Divide By Zero
There is a vulnerability in the strided image data parsing code in the emscripten wrapper for libheif
CVE-2023-0996
7.8 - High
- February 24, 2023
There is a vulnerability in the strided image data parsing code in the emscripten wrapper for libheif. An attacker could exploit this through a crafted image file to cause a buffer overflow in linear memory during a memcpy call.
Classic Buffer Overflow
Buffer overflow vulnerability in function convert_colorspace in heif_colorconversion.cc in libheif v1.6.2
CVE-2020-23109
8.1 - High
- November 03, 2021
Buffer overflow vulnerability in function convert_colorspace in heif_colorconversion.cc in libheif v1.6.2, allows attackers to cause a denial of service and disclose sensitive information, via a crafted HEIF file.
Classic Buffer Overflow
An issue was discovered in heif::Box_iref::get_references in libheif 1.4.0
CVE-2020-19499
8.8 - High
- July 21, 2021
An issue was discovered in heif::Box_iref::get_references in libheif 1.4.0, allows attackers to cause a Denial of Service or possibly other unspecified impact due to an invalid memory read.
Out-of-bounds Read
Floating point exception in function Fraction in libheif 1.4.0
CVE-2020-19498
8.8 - High
- July 21, 2021
Floating point exception in function Fraction in libheif 1.4.0, allows attackers to cause a Denial of Service or possibly other unspecified impacts.
libheif 1.4.0 has a use-after-free in heif::HeifContext::Image::set_alpha_channel in heif_context.h
CVE-2019-11471
8.8 - High
- April 23, 2019
libheif 1.4.0 has a use-after-free in heif::HeifContext::Image::set_alpha_channel in heif_context.h because heif_context.cc mishandles references to non-existing alpha images.
Dangling pointer
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Struktur Libheif or by Struktur? Click the Watch button to subscribe.