VYPR

rpm package

opensuse/libheif&distro=openSUSE Leap 15.4

pkg:rpm/opensuse/libheif&distro=openSUSE%20Leap%2015.4

Vulnerabilities (2)

  • CVE-2023-29659May 5, 2023
    affected < 1.12.0-150400.3.11.1fixed 1.12.0-150400.3.11.1

    A Segmentation fault caused by a floating point exception exists in libheif 1.15.1 using crafted heif images via the heif::Fraction::round() function in box.cc, which causes a denial of service.

  • CVE-2023-0996Feb 24, 2023
    affected < 1.12.0-150400.3.8.1fixed 1.12.0-150400.3.8.1

    There is a vulnerability in the strided image data parsing code in the emscripten wrapper for libheif. An attacker could exploit this through a crafted image file to cause a buffer overflow in linear memory during a memcpy call.