Struktur Libheif
8 CVEs affecting Struktur Libheif. Latest disclosed: 2026-05-22. Critical: 0, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-32740 | High | 8.8 | 2026-05-19 | libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and prior contain a heap-buffer-overflow (write) vulnerability in the grid tile com… |
CVE-2026-41071 | High | 8.1 | 2026-05-22 | libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and prior, a crafted HEIF sequence file where the saiz box declares more samples… |
CVE-2026-41069 | Medium | 6.5 | 2026-05-22 | libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and prior, a malformed HEIF sequence file can trigger an out-of-bounds read in c… |
CVE-2026-32739 | Medium | 6.5 | 2026-05-19 | libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and below, a crafted 800-byte HEIF sequence file causes an infinite loop in Box_… |
CVE-2026-32738 | Medium | 6.5 | 2026-05-19 | libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and below, a crafted 792-byte HEIF sequence file with samples_per_chunk=0 in the… |
CVE-2025-43967 | Low | 2.9 | 2025-04-20 | libheif before 1.19.6 has a NULL pointer dereference in ImageItem_Grid::get_decoder in image-items/grid.cc because a grid image can reference a nonexistent ima… |
CVE-2025-43966 | Low | 2.9 | 2025-04-20 | libheif before 1.19.6 has a NULL pointer dereference in ImageItem_iden in image-items/iden.cc. |
CVE-2023-0996 | | 2023-02-24 | There is a vulnerability in the strided image data parsing code in the emscripten wrapper for libheif. An attacker could exploit this through a crafted image… |