CVE-2023-49463 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2023-49463 Interim 1 8 2026-03-05T03:32:56Z current 2023-12-09T00:08:37Z 2026-03-05T03:32:56Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2023-49463 libheif v1.17.5 was discovered to contain a segmentation violation via the function find_exif_tag at /libheif/exif.cc. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Linux Enterprise Module for Desktop Applications 15 SP4 SUSE Linux Enterprise Module for Desktop Applications 15 SP5 SUSE Linux Enterprise Module for Desktop Applications 15 SP7 SUSE Linux Enterprise Module for Desktop Applications 15 SP4 SUSE Linux Enterprise Module for Desktop Applications 15 SP5 SUSE Linux Enterprise Module for Desktop Applications 15 SP7 SUSE Linux Enterprise Module for Package Hub 15 SP5 SUSE Linux Enterprise Module for Desktop Applications 15 SP4 SUSE Linux Enterprise Module for Desktop Applications 15 SP5 SUSE Linux Enterprise Module for Desktop Applications 15 SP7 SUSE Linux Enterprise Server 16.0 SUSE Linux Enterprise Module for Desktop Applications 15 SP4 SUSE Linux Enterprise Module for Desktop Applications 15 SP5 SUSE Linux Enterprise Module for Desktop Applications 15 SP7 SUSE Linux Enterprise Module for Desktop Applications 15 SP4 SUSE Linux Enterprise Module for Desktop Applications 15 SP4 SUSE Linux Enterprise Module for Desktop Applications 15 SP4 openSUSE Tumbleweed gdk-pixbuf-loader-libheif gdk-pixbuf-loader-libheif-1.17.6-1.1 gdk-pixbuf-loader-libheif-1.19.7-160000.2.2 libheif libheif-aom-1.17.6-1.1 libheif-aom-1.19.7-160000.2.2 libheif-dav1d-1.17.6-1.1 libheif-dav1d-1.19.7-160000.2.2 libheif-devel libheif-devel-1.17.6-1.1 libheif-ffmpeg-1.17.6-1.1 libheif-ffmpeg-1.19.7-160000.2.2 libheif-jpeg-1.17.6-1.1 libheif-jpeg-1.19.7-160000.2.2 libheif-openjpeg-1.17.6-1.1 libheif-openjpeg-1.19.7-160000.2.2 libheif-rav1e-1.17.6-1.1 libheif-rav1e-1.19.7-160000.2.2 libheif-svtenc-1.17.6-1.1 libheif-svtenc-1.19.7-160000.2.2 libheif1 libheif1-1.17.6-1.1 libheif1-1.19.5-150700.1.4 libheif1-1.19.7-160000.2.2 libheif1-32bit-1.17.6-1.1 libheif1-1.19.5-150700.1.4 as a component of SUSE Linux Enterprise Module for Desktop Applications 15 SP7 gdk-pixbuf-loader-libheif-1.19.7-160000.2.2 as a component of SUSE Linux Enterprise Server 16.0 libheif-aom-1.19.7-160000.2.2 as a component of SUSE Linux Enterprise Server 16.0 libheif-dav1d-1.19.7-160000.2.2 as a component of SUSE Linux Enterprise Server 16.0 libheif-ffmpeg-1.19.7-160000.2.2 as a component of SUSE Linux Enterprise Server 16.0 libheif-jpeg-1.19.7-160000.2.2 as a component of SUSE Linux Enterprise Server 16.0 libheif-openjpeg-1.19.7-160000.2.2 as a component of SUSE Linux Enterprise Server 16.0 libheif-rav1e-1.19.7-160000.2.2 as a component of SUSE Linux Enterprise Server 16.0 libheif-svtenc-1.19.7-160000.2.2 as a component of SUSE Linux Enterprise Server 16.0 libheif1-1.19.7-160000.2.2 as a component of SUSE Linux Enterprise Server 16.0 gdk-pixbuf-loader-libheif-1.17.6-1.1 as a component of openSUSE Tumbleweed libheif-aom-1.17.6-1.1 as a component of openSUSE Tumbleweed libheif-dav1d-1.17.6-1.1 as a component of openSUSE Tumbleweed libheif-devel-1.17.6-1.1 as a component of openSUSE Tumbleweed libheif-ffmpeg-1.17.6-1.1 as a component of openSUSE Tumbleweed libheif-jpeg-1.17.6-1.1 as a component of openSUSE Tumbleweed libheif-openjpeg-1.17.6-1.1 as a component of openSUSE Tumbleweed libheif-rav1e-1.17.6-1.1 as a component of openSUSE Tumbleweed libheif-svtenc-1.17.6-1.1 as a component of openSUSE Tumbleweed libheif1-1.17.6-1.1 as a component of openSUSE Tumbleweed libheif1-32bit-1.17.6-1.1 as a component of openSUSE Tumbleweed libheif1 as a component of SUSE Linux Enterprise Module for Desktop Applications 15 SP4 libheif as a component of SUSE Linux Enterprise Module for Desktop Applications 15 SP4 libheif1 as a component of SUSE Linux Enterprise Module for Desktop Applications 15 SP5 libheif as a component of SUSE Linux Enterprise Module for Desktop Applications 15 SP5 gdk-pixbuf-loader-libheif as a component of SUSE Linux Enterprise Module for Package Hub 15 SP5 libheif-devel as a component of SUSE Linux Enterprise Module for Package Hub 15 SP5 libheif as a component of SUSE Linux Enterprise Module for Package Hub 15 SP5 libheif v1.17.5 was discovered to contain a segmentation violation via the function find_exif_tag at /libheif/exif.cc. CVE-2023-49463 SUSE Linux Enterprise Module for Desktop Applications 15 SP7:libheif1-1.19.5-150700.1.4 SUSE Linux Enterprise Server 16.0:gdk-pixbuf-loader-libheif-1.19.7-160000.2.2 SUSE Linux Enterprise Server 16.0:libheif-aom-1.19.7-160000.2.2 SUSE Linux Enterprise Server 16.0:libheif-dav1d-1.19.7-160000.2.2 SUSE Linux Enterprise Server 16.0:libheif-ffmpeg-1.19.7-160000.2.2 SUSE Linux Enterprise Server 16.0:libheif-jpeg-1.19.7-160000.2.2 SUSE Linux Enterprise Server 16.0:libheif-openjpeg-1.19.7-160000.2.2 SUSE Linux Enterprise Server 16.0:libheif-rav1e-1.19.7-160000.2.2 SUSE Linux Enterprise Server 16.0:libheif-svtenc-1.19.7-160000.2.2 SUSE Linux Enterprise Server 16.0:libheif1-1.19.7-160000.2.2 openSUSE Tumbleweed:gdk-pixbuf-loader-libheif-1.17.6-1.1 openSUSE Tumbleweed:libheif-aom-1.17.6-1.1 openSUSE Tumbleweed:libheif-dav1d-1.17.6-1.1 openSUSE Tumbleweed:libheif-devel-1.17.6-1.1 openSUSE Tumbleweed:libheif-ffmpeg-1.17.6-1.1 openSUSE Tumbleweed:libheif-jpeg-1.17.6-1.1 openSUSE Tumbleweed:libheif-openjpeg-1.17.6-1.1 openSUSE Tumbleweed:libheif-rav1e-1.17.6-1.1 openSUSE Tumbleweed:libheif-svtenc-1.17.6-1.1 openSUSE Tumbleweed:libheif1-1.17.6-1.1 openSUSE Tumbleweed:libheif1-32bit-1.17.6-1.1 SUSE Linux Enterprise Module for Desktop Applications 15 SP4:libheif SUSE Linux Enterprise Module for Desktop Applications 15 SP4:libheif1 SUSE Linux Enterprise Module for Desktop Applications 15 SP5:libheif SUSE Linux Enterprise Module for Desktop Applications 15 SP5:libheif1 SUSE Linux Enterprise Module for Package Hub 15 SP5:gdk-pixbuf-loader-libheif SUSE Linux Enterprise Module for Package Hub 15 SP5:libheif SUSE Linux Enterprise Module for Package Hub 15 SP5:libheif-devel moderate 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H