First published: Wed Jul 21 2021(Updated: )
An issue was discovered in heif::Box_iref::get_references in libheif 1.4.0, allows attackers to cause a Denial of Service or possibly other unspecified impact due to an invalid memory read.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Struktur Libheif | =1.4.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID is CVE-2020-19499.
The severity of CVE-2020-19499 is high with a severity value of 8.8.
The affected software is Struktur Libheif version 1.4.0.
Attackers can exploit CVE-2020-19499 to cause a Denial of Service or possibly other unspecified impact due to an invalid memory read.
Yes, a fix is available. It is recommended to update to a version of libheif that is not affected by the vulnerability.