CVE-2020-19498
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2020-19498
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-19498.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2020-19498
- Downstream
- Published
- 2021-07-21T18:15:09Z
- Modified
- 2025-10-21T05:45:05.520192Z
- Severity
-
- 8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
Floating point exception in function Fraction in libheif 1.4.0, allows attackers to cause a Denial of Service or possibly other unspecified impacts.
- References
Affected packages
Git / github.com/strukturag/libheif
Affected ranges
- Type
- GIT
- Repo
- https://github.com/strukturag/libheif
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Database specific
vanir_signatures
[
{
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"147731676204354481572081716807761296933",
"77364423006871603135865097014949881459"
]
},
"target": {
"file": "libheif/heif_limits.h"
},
"source": "https://github.com/strukturag/libheif/commit/2710c930918609caaf0a664e9c7bc3dce05d5b58",
"id": "CVE-2020-19498-0e06a858",
"deprecated": false,
"signature_version": "v1"
},
{
"signature_type": "Function",
"digest": {
"function_hash": "307425792697781340303895090367980089489",
"length": 277.0
},
"target": {
"file": "libheif/box.cc",
"function": "gcd"
},
"source": "https://github.com/strukturag/libheif/commit/2710c930918609caaf0a664e9c7bc3dce05d5b58",
"id": "CVE-2020-19498-442a125d",
"deprecated": false,
"signature_version": "v1"
},
{
"signature_type": "Function",
"digest": {
"function_hash": "34309995185302358440847609850551581907",
"length": 416.0
},
"target": {
"file": "libheif/box.cc",
"function": "Fraction::Fraction"
},
"source": "https://github.com/strukturag/libheif/commit/2710c930918609caaf0a664e9c7bc3dce05d5b58",
"id": "CVE-2020-19498-44eabf83",
"deprecated": false,
"signature_version": "v1"
},
{
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"174289991246967375747520046371327395609",
"111489145872287977530596979928259219460",
"304054339016140649440792085094432672616",
"173391724684025248891390263453862560218",
"311848231624062782693932878457291591995",
"325448042776560416591639184439974592432",
"329452042709779413722893494174400048878",
"102652525751067957620548945159516718162",
"264577618361464340510664575409275156959",
"72232535568091744604674063881934611211",
"319591038302661741411339569734991551542",
"322210803745107444957324676128330990564",
"314498760441025998176084548309037472652",
"134834596149920996442843100337170125460",
"48415056289358879248000556526355377453",
"274326433738329996024662450983298537614",
"56451859347439688532124717040971852695",
"234069811981348545847737835386631666955",
"138556828025878628085655535894342730749",
"147781027242281381002661021720838884703",
"185948273879724541204857361409375031781",
"266525408217744466211788349308680964117",
"298101149826922467520863710733237268903",
"283540910113587762663556023797486954970",
"235175153560213853362309518880050412533",
"259297907606000672106840750699451926283",
"326633517225380638043625758770635647346",
"246158531361235038254832963096817241957",
"259964101900535481517711827618178748700",
"257786450703292688662862486076242412332",
"266268768642903653727189548898322070167",
"333014738404185582512521919861044770549"
]
},
"target": {
"file": "libheif/box.cc"
},
"source": "https://github.com/strukturag/libheif/commit/2710c930918609caaf0a664e9c7bc3dce05d5b58",
"id": "CVE-2020-19498-9e4a2235",
"deprecated": false,
"signature_version": "v1"
}
]