VYPR

libheif

by Libheif

CVEs (3)

  • CVE-2020-23109HigNov 3, 2021
    risk 0.53cvss 8.1epss 0.01

    Buffer overflow vulnerability in function convert_colorspace in heif_colorconversion.cc in libheif v1.6.2, allows attackers to cause a denial of service and disclose sensitive information, via a crafted HEIF file.

  • CVE-2025-29482MedApr 7, 2025
    risk 0.40cvss 6.2epss 0.00

    Buffer Overflow vulnerability in libheif 1.19.7 allows a local attacker to execute arbitrary code via the SAO (Sample Adaptive Offset) processing of libde265.

  • CVE-2023-0996HigFeb 24, 2023
    risk 0.00cvss 7.8epss 0.00

    There is a vulnerability in the strided image data parsing code in the emscripten wrapper for libheif. An attacker could exploit this through a crafted image file to cause a buffer overflow in linear memory during a memcpy call.