CVE-2025-43967

Low CVSS: 2.9

libheif before 1.19.6 has a NULL pointer dereference in ImageItem_Grid::get_decoder in image-items/grid.cc because a grid image can reference a nonexistent image item.

Vendor

Struktur

Product

Libheif

CWE

CWE-476

Yayın Tarihi

2025-04-21 00:15:33

Güncelleme

2025-05-08 16:05:19

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-476 Libheif LOW Struktur 2025

Referanslar

https://github.com/strukturag/libheif/commit/6e35af7b0ff9fb6cc952a1539590d160db32f671 https://github.com/strukturag/libheif/compare/v1.19.5...v1.19.6 https://github.com/strukturag/libheif/issues/1455

Benzer Kayıtlar

High

CVE-2026-33164

libde265 is an open source implementation of the h.265 video codec. Prior to version 1.0.17, a malformed H.265 PPS NAL u…

Medium

CVE-2026-33165

libde265 is an open source implementation of the h.265 video codec. Prior to version 1.0.17, a crafted HEVC bitstream ca…

Medium

CVE-2025-61147

strukturag libde265 commit d9fea9d wa discovered to contain a segmentation fault via the component decoder_context::comp…

Medium

CVE-2025-68431

libheif is an HEIF and AVIF file format decoder and encoder. Prior to version 1.21.0, a crafted HEIF that exercises the…

Low

CVE-2025-43966

libheif before 1.19.6 has a NULL pointer dereference in ImageItem_iden in image-items/iden.cc.

Medium

CVE-2025-29482

Buffer Overflow vulnerability in libheif 1.19.7 allows a local attacker to execute arbitrary code via the SAO (Sample Ad…