Security: strukturag/libheif
Security
No security policy detected
This project has not set up a SECURITY.md file yet.
Report a vulnerability-
Reachable assertion in HeifContext::get_track() aborts on a valid-but-empty HEIF sequence file (context.cc:2110)GHSA-9ww4-9v47-m7pj published
Jun 26, 2026 by farindkModerate -
Heap out-of-bounds write in the uncompressed encoder for RRGGBB images with interleaved bit-depth ≤ 8GHSA-46rp-pcq2-rpmr published
Jun 26, 2026 by farindkLow -
Integer underflow in Fraction constructor via double clap transform application (CWE-190/617)GHSA-jc8f-p23p-5hjg published
Jun 26, 2026 by farindkModerate -
Out-of-bounds read in uncompressed unci tile range slicingGHSA-73p7-m7gg-w2jv published
Jun 26, 2026 by farindkModerate -
Heap out of bounds write in libheif uncompressed encoder when writing images with mismatched auxiliary alpha dimensionsGHSA-xpw3-9rhw-482x published
Jun 26, 2026 by farindkHigh -
libheif: unbounded heap allocation in HEIF sequence parser (stsz fixed-size mode missing bound check)GHSA-jvmp-j3cw-84mh published
May 29, 2026 by farindkHigh -
Wrapped icef compressed-unit range check causes out-of-bounds read in uncompressed HEIF decoderGHSA-r7qj-cg5r-r6vf published
May 25, 2026 by farindkModerate -
Out-of-bounds write in inline mask region API when source mask exceeds declared regionGHSA-5hqq-636x-r3cr published
May 25, 2026 by farindkModerate -
libheif 1.21.2: heap OOB read in ImageItem_Grid::decode_grid_tile via irot-induced tile-coordinate underflowGHSA-6x5f-qchq-cxqv published
May 20, 2026 by farindkHigh -
NULL pointer dereference in heif_image_handle_get_image_tiling for malformed unci image missing ispeGHSA-4h72-vqgp-9376 published
May 19, 2026 by farindkModerate
Learn more about advisories related to strukturag/libheif in the GitHub Advisory Database