Buffer overflow vulnerability in function convertcolorspace in heifcolorconversion.cc in libheif v1.6.2, allows attackers to cause a denial of service and disclose sensitive information, via a crafted HEIF file.
{ "binaries": [ { "binary_name": "heif-gdk-pixbuf", "binary_version": "1.6.1-1ubuntu0.1~esm1" }, { "binary_name": "heif-gdk-pixbuf-dbgsym", "binary_version": "1.6.1-1ubuntu0.1~esm1" }, { "binary_name": "heif-thumbnailer", "binary_version": "1.6.1-1ubuntu0.1~esm1" }, { "binary_name": "heif-thumbnailer-dbgsym", "binary_version": "1.6.1-1ubuntu0.1~esm1" }, { "binary_name": "libheif-dev", "binary_version": "1.6.1-1ubuntu0.1~esm1" }, { "binary_name": "libheif-examples", "binary_version": "1.6.1-1ubuntu0.1~esm1" }, { "binary_name": "libheif-examples-dbgsym", "binary_version": "1.6.1-1ubuntu0.1~esm1" }, { "binary_name": "libheif1", "binary_version": "1.6.1-1ubuntu0.1~esm1" }, { "binary_name": "libheif1-dbgsym", "binary_version": "1.6.1-1ubuntu0.1~esm1" } ], "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro" }