Vulnerabilities > Struktur > Libheif
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-04-21 | CVE-2025-43966 | NULL Pointer Dereference vulnerability in Struktur Libheif libheif before 1.19.6 has a NULL pointer dereference in ImageItem_iden in image-items/iden.cc. | 7.5 |
| 2025-04-21 | CVE-2025-43967 | NULL Pointer Dereference vulnerability in Struktur Libheif libheif before 1.19.6 has a NULL pointer dereference in ImageItem_Grid::get_decoder in image-items/grid.cc because a grid image can reference a nonexistent image item. | 7.5 |
| 2024-10-15 | CVE-2024-41311 | Out-of-bounds Write vulnerability in multiple products In Libheif 1.17.6, insufficient checks in ImageOverlay::parse() decoding a heif file containing an overlay image with forged offsets can lead to an out-of-bounds read and write. | 8.1 |
| 2023-12-07 | CVE-2023-49460 | Unspecified vulnerability in Struktur Libheif 1.17.5 libheif v1.17.5 was discovered to contain a segmentation violation via the function UncompressedImageCodec::decode_uncompressed_image. | 8.8 |
| 2023-12-07 | CVE-2023-49462 | Unspecified vulnerability in Struktur Libheif 1.17.5 libheif v1.17.5 was discovered to contain a segmentation violation via the component /libheif/exif.cc. | 8.8 |
| 2023-12-07 | CVE-2023-49463 | Unspecified vulnerability in Struktur Libheif 1.17.5 libheif v1.17.5 was discovered to contain a segmentation violation via the function find_exif_tag at /libheif/exif.cc. | 8.8 |
| 2023-12-07 | CVE-2023-49464 | Unspecified vulnerability in Struktur Libheif 1.17.5 libheif v1.17.5 was discovered to contain a segmentation violation via the function UncompressedImageCodec::get_luma_bits_per_pixel_from_configuration_unci. | 8.8 |
| 2023-05-05 | CVE-2023-29659 | Divide By Zero vulnerability in multiple products A Segmentation fault caused by a floating point exception exists in libheif 1.15.1 using crafted heif images via the heif::Fraction::round() function in box.cc, which causes a denial of service. | 6.5 |
| 2023-02-24 | CVE-2023-0996 | Classic Buffer Overflow vulnerability in Struktur Libheif 1.14.2 There is a vulnerability in the strided image data parsing code in the emscripten wrapper for libheif. | 7.8 |
| 2021-11-03 | CVE-2020-23109 | Classic Buffer Overflow vulnerability in Struktur Libheif 1.6.2 Buffer overflow vulnerability in function convert_colorspace in heif_colorconversion.cc in libheif v1.6.2, allows attackers to cause a denial of service and disclose sensitive information, via a crafted HEIF file. | 8.1 |