CVE-2021-32289

An issue was discovered in heif through through v3.6.2. A NULL pointer dereference exists in the function convertByteStreamToRBSP() located in nalutil.cpp. It allows an attacker to cause Denial of Service. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt