We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.
Please see our statement on Data Privacy.
php-heic-to-jpg <= 1.0.5 is vulnerable to code injection (fixed in 1.0.6). An attacker who can upload heic images is able to execute code on the remote server via the file name. As a result, the CIA is no longer guaranteed. This affects php-heic-to-jpg 1.0.5 and below.
Reserved 2024-10-08 | Published 2024-10-24 | Updated 2024-12-19 | Assigner mitregithub.com/MaestroError/php-heic-to-jpg
github.com/marcoris/CVEs/tree/master/CVE-2024-48514
advisories.gitlab.com/...ror/php-heic-to-jpg/CVE-2024-48514/
github.com/advisories/GHSA-g8v9-c8m3-942v
Support options