CVE-2020-23109

Published November 3rd, 2021

View on NVD ↗

CVSS v3

8.1

HIGH

CVSS v2

5.8

MEDIUM

Affected

PROJECT

Description

Buffer overflow vulnerability in function convert_colorspace in heif_colorconversion.cc in libheif v1.6.2, allows attackers to cause a denial of service and disclose sensitive information, via a crafted HEIF file.

strukturag/libheif

libheif is an HEIF and AVIF file format decoder and encoder.

GitHub

2.25K