CVE-2026-28231

Exploit

EPSS 0.63%
Veröffentlicht 27.02.2026 20:13:45
Zuletzt bearbeitet 04.03.2026 15:55:20
Quelle security-advisories@github.com
CVE-Watchlists
Login
Unerledigt
Login

pillow_heif Has Integer Overflow in Encode Path Buffer Validation that Leads to Heap Out-of-Bounds Read

pillow_heif is a Python library for working with HEIF images and plugin for Pillow. Prior to version 1.3.0, an integer overflow in the encode path buffer validation of `_pillow_heif.c` allows an attacker to bypass bounds checks by providing large image dimensions, resulting in a heap out-of-bounds read. This can lead to information disclosure (server heap memory leaking into encoded images) or denial of service (process crash). No special configuration is required — this triggers under default settings. Version 1.3.0 fixes the issue.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 2 Referenzen 6

NVD 1 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Bigcat88 ≫ Pillow-heif SwPlatformpython Version < 1.3.0

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.63%	0.455

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	9.1	3.9	5.2	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
security-advisories@github.com	5.5	0	0	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

CWE-125 Out-of-bounds Read

The product reads data past the end, or before the beginning, of the intended buffer.

CWE-190 Integer Overflow or Wraparound

The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.

https://github.com/bigcat88/pillow_heif/security/advisories/GHSA-5gjj-6r7v-ph3x

Vendor Advisory

Exploit

Mitigation

https://github.com/bigcat88/pillow_heif/commit/8305a15d3780c533b762578cbe987d27a2c59c7a

Patch

https://github.com/bigcat88/pillow_heif/releases/tag/v1.3.0

Product

Release Notes

https://nvd.nist.gov/vuln/detail/CVE-2026-28231

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2026-28231

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2026-28231

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2026-28231