Security: strukturag/libheif
Security
No security policy detected
This project has not set up a SECURITY.md file yet.
Report a vulnerability-
Incorrect byte-count initialization in BitstreamRange constructor allows container-boundary check bypassGHSA-p4r6-6972-g26m published
May 19, 2026 by farindkModerate -
Out-of-bounds vector access leading to invalid dereference (DoS)GHSA-p82x-fpmv-576r published
May 19, 2026 by farindkModerate -
Out-of-bounds read and assertion-based DoS in EXIF parsing (find_exif_tag / read32) with short EXIF TIFF payloadGHSA-jh2w-m72q-q595 published
May 19, 2026 by farindkModerate -
Heap buffer overflow via uint32_t stride overflow in image plane allocation (+ 2 additional instances)GHSA-9h96-c44j-jpq9 published
May 19, 2026 by farindkHigh -
Heap buffer over-read in SampleAuxInfoReader via crafted HEIF sequence file with mismatched saiz sample countGHSA-xj92-xjff-h8w3 published
May 19, 2026 by farindkModerate -
Integer overflow in inline mask size calculation causes undersized buffer allocationGHSA-h4wm-6wwf-qvhx published
May 19, 2026 by farindkModerate -
Null pointer dereference in `HeifFile::get_item_data()` via crafted HEIF file with non-`pict` handler typeGHSA-h27h-4hc4-5vf5 published
Mar 27, 2026 by farindkModerate -
Integer overflow in readTiledSeparate() leads to heap corruption when decoding tiled TIFF imagesGHSA-wjj2-gjqj-5gr4 published
Mar 27, 2026 by farindkLow -
Heap Buffer OOB Read in overlay compositing due to wrong alpha strideGHSA-hg7q-rjr2-8x46 published
May 19, 2026 by farindkHigh -
Heap OOB Read / SEGV Crash via Zero samples_per_chunk in stsc <=1.21.2GHSA-7f2h-cmpf-v9ww published
May 19, 2026 by farindkModerate
Learn more about advisories related to strukturag/libheif in the GitHub Advisory Database