CVE-2025-43966
2.9
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
Summary
libheif before 1.19.6 has a NULL pointer dereference in ImageItem_iden in image-items/iden.cc.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| struktur | libheif | 0 < 1.19.6 | affected |
Weaknesses
- CWE-476: CWE-476 NULL Pointer Dereference
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://github.com/strukturag/libheif/commit/b38555387e4b5dcf036fe45b0c440aca19b7b69c
- https://github.com/strukturag/libheif/compare/v1.19.5…v1.19.6
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.