8.8
CVE-2026-32740
- EPSS 0.51%
- Veröffentlicht 19.05.2026 19:22:07
- Zuletzt bearbeitet 30.06.2026 03:18:33
- Quelle security-advisories@github.com
- CVE-Watchlists
- Unerledigt
libheif: Heap-Buffer-Overflow Write in Grid Tile Chroma Compositing
libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and prior contain a heap-buffer-overflow (write) vulnerability in the grid tile compositing, allowing an attacker to write 64 bytes of fully attacker-controlled data past the end of a chroma plane heap allocation by crafting a HEIF/AVIF file with a 1×4 grid of odd-height tiles. The overflow is triggered during normal image decoding with default build configuration. The written bytes are chroma (Cb/Cr) pixel values from the attacking tile, giving the attacker full control over the overflow content. This issue has been fixed in version 1.22.0.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.51% | 0.398 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| security-advisories@github.com | 8.8 | 2.8 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
|
| 0b0ca135-0b70-47e7-9f44-1890c2a1c46c | 8.8 | 2.8 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
|
CWE-787 Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.
https://github.com/strukturag/libheif/releases/tag/v1.22.0
https://github.com/strukturag/libheif/security/advisories/GHSA-frfr-f3vg-2g6j
https://access.redhat.com/security/cve/CVE-2026-32740
https://bugzilla.redhat.com/show_bug.cgi?id=2479969
https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-32740.json