VYPR

rpm package

suse/libheif&distro=SUSE Linux Enterprise Module for Desktop Applications 15 SP5

pkg:rpm/suse/libheif&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP5

Vulnerabilities (2)

  • CVE-2024-41311Oct 15, 2024
    affected < 1.12.0-150400.3.14.1fixed 1.12.0-150400.3.14.1

    In Libheif 1.17.6, insufficient checks in ImageOverlay::parse() decoding a heif file containing an overlay image with forged offsets can lead to an out-of-bounds read and write.

  • CVE-2023-29659May 5, 2023
    affected < 1.12.0-150400.3.11.1fixed 1.12.0-150400.3.11.1

    A Segmentation fault caused by a floating point exception exists in libheif 1.15.1 using crafted heif images via the heif::Fraction::round() function in box.cc, which causes a denial of service.