An issue was discovered in heif::Boxiref::getreferences in libheif 1.4.0, allows attackers to cause a Denial of Service or possibly other unspecified impact due to an invalid memory read.
{ "urgency": "not yet assigned" }