CVE-2026-32739 | strukturag libheif up to 1.21.x AVIF File get_sample_duration infinite loop (GHSA-j9g7-q9hv-gq8c)

A vulnerability marked as problematic has been reported in strukturag libheif up to 1.21.x. The affected element is the function Box_stts::get_sample_duration of the component AVIF File Handler. This manipulation causes infinite loop.

This vulnerability is handled as CVE-2026-32739. The attack can be initiated remotely. There is not any exploit available.

It is suggested to upgrade the affected component.VulDB Recent EntriesRead More