Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2023-49460HistoryDec 07, 2023 - 8:15 p.m.
CVE-2023-49460
2023-12-0720:15:38
Debian Security Bug Tracker
security-tracker.debian.org
8
libheif
v1.17.5
uncompressedimagecodec
decode_uncompressed_image
segmentation violation
unix
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.1 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
37.6%
libheif v1.17.5 was discovered to contain a segmentation violation via the function UncompressedImageCodec::decode_uncompressed_image.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | libheif | <= 1.15.1-1 | libheif_1.15.1-1_all.deb |
| Debian | 11 | all | libheif | <= 1.11.0-1 | libheif_1.11.0-1_all.deb |
| Debian | 999 | all | libheif | < 1.17.6-1 | libheif_1.17.6-1_all.deb |
| Debian | 13 | all | libheif | < 1.17.6-1 | libheif_1.17.6-1_all.deb |
Related
cvelist
cvelist
CVE-2023-49460
2023-12-07 00:00:00
nvd
nvd
CVE-2023-49460
2023-12-07 20:15:38
veracode
veracode
Denial Of Services (DoS)
2023-12-08 08:52:56
prion
prion
Design/Logic Flaw
2023-12-07 20:15:00
cve
cve
CVE-2023-49460
2023-12-07 20:15:38
ubuntucve
ubuntucve
CVE-2023-49460
2023-12-07 00:00:00
nessus
nessus
Fedora 40 : libheif (2023-692921aeb2)
2024-04-29 00:00:00
redos
redos
ROS-20240408-01
2024-04-08 00:00:00
openvas
openvas
Mageia: Security Advisory (MGASA-2024-0243)
2024-06-28 00:00:00
Ubuntu: Security Advisory (USN-6847-1)
2024-06-26 00:00:00
ubuntu
ubuntu
libheif vulnerabilities
2024-06-25 00:00:00
osv
osv
libheif vulnerabilities
2024-06-25 16:50:16
mageia
mageia
Updated libheif packages fix security vulnerabilities
2024-06-28 05:41:31
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.1 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
37.6%
Related for DEBIANCVE:CVE-2023-49460