CVE-2024-41311

Published: Oct 15, 2024

Modified: Oct 23, 2024

PUBLISHED

Description

In Libheif 1.17.6, insufficient checks in ImageOverlay::parse() decoding a heif file containing an overlay image with forged offsets can lead to an out-of-bounds read and write.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/strukturag/libheif/issues/1226

https://github.com/strukturag/libheif/pull/1227

https://github.com/strukturag/libheif/commit/a3ed1b1eb178c5d651d6ac619c8da3d71ac2be36

https://gist.github.com/flyyee/79f1b224069842ee320115cafa5c35c0

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2024-41311

Description

Affected Products

References