CVE-2024-41311 - Out-of-bounds Write vulnerability in multiple products

CVSS 8.1 - HIGH
Attack vector: NETWORK
Attack complexity: LOW
Privileges required: NONE
Confidentiality impact: HIGH
Integrity impact: HIGH
Availability impact: NONE
Tags: network, low complexity, struktur, debian, CWE-787

Summary

In Libheif 1.17.6, insufficient checks in ImageOverlay::parse() when decoding a HEIF file containing an overlay image with forged offsets can lead to an out-of-bounds read and write.

Vulnerable Configurations

Part         Description  Count
Application  Struktur     1
OS           Debian       1

Common Weakness Enumeration (CWE)