There are 2 open security issues in buster.
2 issues left for the package maintainer to handle:
- CVE-2020-19498:
(needs triaging)
Floating point exception in function Fraction in libheif 1.4.0, allows attackers to cause a Denial of Service or possibly other unspecified impacts.
- CVE-2020-19499:
(needs triaging)
An issue was discovered in heif::Box_iref::get_references in libheif 1.4.0, allows attackers to cause a Denial of Service or possibly other unspecified impact due to an invalid memory read.
You can find information about how to handle these issues in the security team's documentation.
![[bug history graph]](https://qa.debian.org/data/bts/graphs/libh/libheif.png){kind=link}