VYPR

rpm package

opensuse/libheif&distro=openSUSE Leap 15.6

pkg:rpm/opensuse/libheif&distro=openSUSE%20Leap%2015.6

Vulnerabilities (2)

  • CVE-2025-68431Dec 29, 2025
    affected < 1.12.0-150400.3.17.1fixed 1.12.0-150400.3.17.1

    libheif is an HEIF and AVIF file format decoder and encoder. Prior to version 1.21.0, a crafted HEIF that exercises the overlay image item path triggers a heap buffer over-read in `HeifPixelImage::overlay()`. The function computes a negative row length (likely from an unclipped o

  • CVE-2024-41311Oct 15, 2024
    affected < 1.12.0-150400.3.14.1fixed 1.12.0-150400.3.14.1

    In Libheif 1.17.6, insufficient checks in ImageOverlay::parse() decoding a heif file containing an overlay image with forged offsets can lead to an out-of-bounds read and write.