rpm package
suse/libheif&distro=SUSE Linux Enterprise Module for Desktop Applications 15 SP4
pkg:rpm/suse/libheif&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP4
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-29659 | — | < 1.12.0-150400.3.11.1 | 1.12.0-150400.3.11.1 | May 5, 2023 | A Segmentation fault caused by a floating point exception exists in libheif 1.15.1 using crafted heif images via the heif::Fraction::round() function in box.cc, which causes a denial of service. | ||
| CVE-2023-0996 | — | < 1.12.0-150400.3.8.1 | 1.12.0-150400.3.8.1 | Feb 24, 2023 | There is a vulnerability in the strided image data parsing code in the emscripten wrapper for libheif. An attacker could exploit this through a crafted image file to cause a buffer overflow in linear memory during a memcpy call. |
- CVE-2023-29659May 5, 2023affected < 1.12.0-150400.3.11.1fixed 1.12.0-150400.3.11.1
A Segmentation fault caused by a floating point exception exists in libheif 1.15.1 using crafted heif images via the heif::Fraction::round() function in box.cc, which causes a denial of service.
- CVE-2023-0996Feb 24, 2023affected < 1.12.0-150400.3.8.1fixed 1.12.0-150400.3.8.1
There is a vulnerability in the strided image data parsing code in the emscripten wrapper for libheif. An attacker could exploit this through a crafted image file to cause a buffer overflow in linear memory during a memcpy call.