rpm package
opensuse/libheif&distro=openSUSE Leap 15.6
pkg:rpm/opensuse/libheif&distro=openSUSE%20Leap%2015.6
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-68431 | — | < 1.12.0-150400.3.17.1 | 1.12.0-150400.3.17.1 | Dec 29, 2025 | libheif is an HEIF and AVIF file format decoder and encoder. Prior to version 1.21.0, a crafted HEIF that exercises the overlay image item path triggers a heap buffer over-read in `HeifPixelImage::overlay()`. The function computes a negative row length (likely from an unclipped o | ||
| CVE-2024-41311 | — | < 1.12.0-150400.3.14.1 | 1.12.0-150400.3.14.1 | Oct 15, 2024 | In Libheif 1.17.6, insufficient checks in ImageOverlay::parse() decoding a heif file containing an overlay image with forged offsets can lead to an out-of-bounds read and write. |
- CVE-2025-68431Dec 29, 2025affected < 1.12.0-150400.3.17.1fixed 1.12.0-150400.3.17.1
libheif is an HEIF and AVIF file format decoder and encoder. Prior to version 1.21.0, a crafted HEIF that exercises the overlay image item path triggers a heap buffer over-read in `HeifPixelImage::overlay()`. The function computes a negative row length (likely from an unclipped o
- CVE-2024-41311Oct 15, 2024affected < 1.12.0-150400.3.14.1fixed 1.12.0-150400.3.14.1
In Libheif 1.17.6, insufficient checks in ImageOverlay::parse() decoding a heif file containing an overlay image with forged offsets can lead to an out-of-bounds read and write.