Shodan
Vulnerabilities
Vulnerable Software
Struktur:  >> Libheif  Security Vulnerabilities
CVE-2024-25269
libheif <= 1.17.6 contains a memory leak in the function JpegEncoder::Encode. This flaw allows an attacker to cause a denial of service attack.
CVSS Score
7.5
EPSS Score
0.001
Published
2024-03-05
CVE-2023-49460
libheif v1.17.5 was discovered to contain a segmentation violation via the function UncompressedImageCodec::decode_uncompressed_image.
CVSS Score
8.8
EPSS Score
0.001
Published
2023-12-07
CVE-2023-49462
libheif v1.17.5 was discovered to contain a segmentation violation via the component /libheif/exif.cc.
CVSS Score
8.8
EPSS Score
0.001
Published
2023-12-07
CVE-2023-49463
libheif v1.17.5 was discovered to contain a segmentation violation via the function find_exif_tag at /libheif/exif.cc.
CVSS Score
8.8
EPSS Score
0.002
Published
2023-12-07
CVE-2023-49464
libheif v1.17.5 was discovered to contain a segmentation violation via the function UncompressedImageCodec::get_luma_bits_per_pixel_from_configuration_unci.
CVSS Score
8.8
EPSS Score
0.001
Published
2023-12-07
CVE-2023-29659
A Segmentation fault caused by a floating point exception exists in libheif 1.15.1 using crafted heif images via the heif::Fraction::round() function in box.cc, which causes a denial of service.
CVSS Score
6.5
EPSS Score
0.001
Published
2023-05-05
CVE-2023-0996
There is a vulnerability in the strided image data parsing code in the emscripten wrapper for libheif. An attacker could exploit this through a crafted image file to cause a buffer overflow in linear memory during a memcpy call.
CVSS Score
7.8
EPSS Score
0.002
Published
2023-02-24
CVE-2020-23109
Buffer overflow vulnerability in function convert_colorspace in heif_colorconversion.cc in libheif v1.6.2, allows attackers to cause a denial of service and disclose sensitive information, via a crafted HEIF file.
CVSS Score
8.1
EPSS Score
0.002
Published
2021-11-03
CVE-2020-19498
Floating point exception in function Fraction in libheif 1.4.0, allows attackers to cause a Denial of Service or possibly other unspecified impacts.
CVSS Score
8.8
EPSS Score
0.004
Published
2021-07-21
CVE-2020-19499
An issue was discovered in heif::Box_iref::get_references in libheif 1.4.0, allows attackers to cause a Denial of Service or possibly other unspecified impact due to an invalid memory read.
CVSS Score
8.8
EPSS Score
0.004
Published
2021-07-21


Products
Pricing
Contact Us

Shodan ® - All rights reserved