Libheif Struktur Libheif

Do you want an email whenever new security vulnerabilities are reported in Struktur Libheif?

By the Year

In 2024 there have been 0 vulnerabilities in Struktur Libheif . Last year Libheif had 6 security vulnerabilities published. Right now, Libheif is on track to have less security vulnerabilities in 2024 than it did last year.

Year Vulnerabilities Average Score
2024 0 0.00
2023 6 8.25
2022 0 0.00
2021 3 8.57
2020 0 0.00
2019 1 8.80
2018 0 0.00

It may take a day or so for new Libheif vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Struktur Libheif Security Vulnerabilities

libheif v1.17.5 was discovered to contain a segmentation violation

CVE-2023-49464 8.8 - High - December 07, 2023

libheif v1.17.5 was discovered to contain a segmentation violation via the function UncompressedImageCodec::get_luma_bits_per_pixel_from_configuration_unci.

libheif v1.17.5 was discovered to contain a segmentation violation

CVE-2023-49463 8.8 - High - December 07, 2023

libheif v1.17.5 was discovered to contain a segmentation violation via the function find_exif_tag at /libheif/exif.cc.

libheif v1.17.5 was discovered to contain a segmentation violation

CVE-2023-49462 8.8 - High - December 07, 2023

libheif v1.17.5 was discovered to contain a segmentation violation via the component /libheif/exif.cc.

libheif v1.17.5 was discovered to contain a segmentation violation

CVE-2023-49460 8.8 - High - December 07, 2023

libheif v1.17.5 was discovered to contain a segmentation violation via the function UncompressedImageCodec::decode_uncompressed_image.

A Segmentation fault caused by a floating point exception exists in libheif 1.15.1 using crafted heif images

CVE-2023-29659 6.5 - Medium - May 05, 2023

A Segmentation fault caused by a floating point exception exists in libheif 1.15.1 using crafted heif images via the heif::Fraction::round() function in box.cc, which causes a denial of service.

Divide By Zero

There is a vulnerability in the strided image data parsing code in the emscripten wrapper for libheif

CVE-2023-0996 7.8 - High - February 24, 2023

There is a vulnerability in the strided image data parsing code in the emscripten wrapper for libheif. An attacker could exploit this through a crafted image file to cause a buffer overflow in linear memory during a memcpy call.

Classic Buffer Overflow

Buffer overflow vulnerability in function convert_colorspace in heif_colorconversion.cc in libheif v1.6.2

CVE-2020-23109 8.1 - High - November 03, 2021

Buffer overflow vulnerability in function convert_colorspace in heif_colorconversion.cc in libheif v1.6.2, allows attackers to cause a denial of service and disclose sensitive information, via a crafted HEIF file.

Classic Buffer Overflow

An issue was discovered in heif::Box_iref::get_references in libheif 1.4.0

CVE-2020-19499 8.8 - High - July 21, 2021

An issue was discovered in heif::Box_iref::get_references in libheif 1.4.0, allows attackers to cause a Denial of Service or possibly other unspecified impact due to an invalid memory read.

Out-of-bounds Read

Floating point exception in function Fraction in libheif 1.4.0

CVE-2020-19498 8.8 - High - July 21, 2021

Floating point exception in function Fraction in libheif 1.4.0, allows attackers to cause a Denial of Service or possibly other unspecified impacts.

libheif 1.4.0 has a use-after-free in heif::HeifContext::Image::set_alpha_channel in heif_context.h

CVE-2019-11471 8.8 - High - April 23, 2019

libheif 1.4.0 has a use-after-free in heif::HeifContext::Image::set_alpha_channel in heif_context.h because heif_context.cc mishandles references to non-existing alpha images.

Dangling pointer

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Struktur Libheif or by Struktur? Click the Watch button to subscribe.

Struktur
Vendor

subscribe