rpm package
suse/libheif&distro=SUSE Linux Enterprise Module for Desktop Applications 15 SP5
pkg:rpm/suse/libheif&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP5
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-41311 | — | < 1.12.0-150400.3.14.1 | 1.12.0-150400.3.14.1 | Oct 15, 2024 | In Libheif 1.17.6, insufficient checks in ImageOverlay::parse() decoding a heif file containing an overlay image with forged offsets can lead to an out-of-bounds read and write. | ||
| CVE-2023-29659 | — | < 1.12.0-150400.3.11.1 | 1.12.0-150400.3.11.1 | May 5, 2023 | A Segmentation fault caused by a floating point exception exists in libheif 1.15.1 using crafted heif images via the heif::Fraction::round() function in box.cc, which causes a denial of service. |
- CVE-2024-41311Oct 15, 2024affected < 1.12.0-150400.3.14.1fixed 1.12.0-150400.3.14.1
In Libheif 1.17.6, insufficient checks in ImageOverlay::parse() decoding a heif file containing an overlay image with forged offsets can lead to an out-of-bounds read and write.
- CVE-2023-29659May 5, 2023affected < 1.12.0-150400.3.11.1fixed 1.12.0-150400.3.11.1
A Segmentation fault caused by a floating point exception exists in libheif 1.15.1 using crafted heif images via the heif::Fraction::round() function in box.cc, which causes a denial of service.