Primary

Context

libheif NULL Pointer Dereference Vulnerability in ImageItem_iden Function

Vulnerability

A NULL pointer dereference vulnerability has been identified in libheif versions prior to 1.19.6. The issue occurs in the ImageItem_iden function within the image-items/iden.cc file.

Impact

Exploitation of this vulnerability leads to a NULL pointer dereference, which can cause a denial-of-service condition by crashing the application.

Remediation

Users can upgrade to libheif version 1.19.6 or later to address this vulnerability.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

8.1

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

5.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

8.1

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

5.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

libheif NULL Pointer Dereference Vulnerability in ImageItem_iden Function

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating