CVE-2024-41311

HIGH 8.1

CVSS Score

8.1

EPSS Score

0.0%

EPSS Percentile

0th

In Libheif 1.17.6, insufficient checks in ImageOverlay::parse() decoding a heif file containing an overlay image with forged offsets can lead to an out-of-bounds read and write.

Vendor	n/a
Product	n/a
Published	Oct 15, 2024
Last Updated	Oct 23, 2024

Stay Ahead of the Next One

Get instant alerts for n/a n/a

Be the first to know when new high vulnerabilities affecting n/a n/a are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

n/a / n/a

n/a

References

NVD ↗ CVE.org ↗ EPSS Data ↗

github.com: https://github.com/strukturag/libheif/issues/1226 github.com: https://github.com/strukturag/libheif/pull/1227 github.com: https://github.com/strukturag/libheif/commit/a3ed1b1eb178c5d651d6ac619c8da3d71ac2be36 gist.github.com: https://gist.github.com/flyyee/79f1b224069842ee320115cafa5c35c0 lists.debian.org: https://lists.debian.org/debian-lts-announce/2024/10/msg00025.html