Описание
A vulnerability was identified in strukturag libheif up to 1.21.2. This impacts the function Track::load of the file libheif/sequences/track.cc of the component stsz/stts. The manipulation leads to out-of-bounds read. The attack needs to be performed locally. The exploit is publicly available and might be used. Applying a patch is the recommended action to fix this issue. The patch available is inofficial and not approved yet.
Ссылки
EPSS
3.3 Low
CVSS3
1.7 Low
CVSS2
Дефекты
Связанные уязвимости
A vulnerability was identified in strukturag libheif up to 1.21.2. This impacts the function Track::load of the file libheif/sequences/track.cc of the component stsz/stts. The manipulation leads to out-of-bounds read. The attack needs to be performed locally. The exploit is publicly available and might be used. Applying a patch is the recommended action to fix this issue. The patch available is inofficial and not approved yet.
A flaw was found in libheif. A local attacker could exploit an out-of-bounds read vulnerability in the `Track::load` function within the `stsz/stts` component. This manipulation could lead to a Denial of Service (DoS), making the affected system or application unavailable.
A vulnerability was identified in strukturag libheif up to 1.21.2. Thi ...
A vulnerability was identified in strukturag libheif up to 1.21.2. This impacts the function Track::load of the file libheif/sequences/track.cc of the component stsz/stts. The manipulation leads to out-of-bounds read. The attack needs to be performed locally. The exploit is publicly available and might be used. Applying a patch is the recommended action to fix this issue. The patch available is inofficial and not approved yet.
EPSS
3.3 Low
CVSS3
1.7 Low
CVSS2