CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
40.0%
Vulnerability in DecodeConfig component of Golang programming language is related to uncontrolled consumption of resources.
resources. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial-of-service condition.
denial of service
A vulnerability in the get_luma_bits_per_pixel_from_configuration_unci() function of the libheif decoder and encoder is related to a bug in the
of libheif file format decoder and encoder is associated with a segmentation error. Exploitation of the vulnerability could allow an attacker,
acting remotely, to cause a denial of service
Vulnerability in decode_uncompressed_image() function of libheif decoder and file format encoder is associated with a segmentation error.
segmentation error. Exploitation of the vulnerability could allow an attacker acting remotely to cause a
denial of service
The find_exif_tag() vulnerability in the libheif file format decoder and encoder is associated with a segmentation error.
segmentation error. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service
denial of service
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
40.0%