Unknown · Pillow Heif · CVE-2026-28231
**Name of the Vulnerable Software and Affected Versions**
pillow_heif versions prior to 1.3.0
**Description**
An integer overflow in the encode path buffer validation within `_pillow_heif.c` allows an attacker to bypass bounds checks by providing large image dimensions. This can lead to a heap out-of-bounds read, potentially resulting in information disclosure or denial of service. The issue triggers under default settings and does not require any special configuration.
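The bug class described above, shown as an added example that is not the project's own code: a buffer-size check whose arithmetic wraps, next to a hardened form. The function names, parameters and the use of 32-bit unsigned arithmetic are assumptions made for illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdbool.h>
#include <stdio.h>

/* Hypothetical names; not taken from the project's sources. */

/* Overflow-prone pattern: the required size is computed in 32 bits, so
 * large dimensions wrap to a small number and the comparison passes. */
static bool buffer_ok_unchecked(uint32_t width, uint32_t height,
                                uint32_t bytes_per_pixel, size_t buf_len)
{
    uint32_t needed = width * height * bytes_per_pixel; /* wraps mod 2^32 */
    return needed <= buf_len;
}

/* Hardened form: reject zero dimensions and prove each multiplication
 * fits in size_t by dividing before multiplying. */
static bool buffer_ok_checked(uint32_t width, uint32_t height,
                              uint32_t bytes_per_pixel, size_t buf_len)
{
    if (width == 0 || height == 0 || bytes_per_pixel == 0)
        return false;
    size_t row = width;
    if (row > SIZE_MAX / bytes_per_pixel)
        return false;
    row *= bytes_per_pixel;
    if (row > SIZE_MAX / height)
        return false;
    return row * (size_t)height <= buf_len;
}

int main(void)
{
    /* Constructed input: 65536 x 65536 at 4 bytes per pixel claims 2^34
     * bytes, which is 0 after 32-bit wraparound; the buffer is 1024 bytes. */
    uint32_t w = 65536, h = 65536, bpp = 4;
    size_t buf_len = 1024;
    printf("unchecked accepts: %d\n", buffer_ok_unchecked(w, h, bpp, buf_len));
    printf("checked accepts:   %d\n", buffer_ok_checked(w, h, bpp, buf_len));
    return 0;
}
```

The unchecked form accepts the oversized dimensions because the wrapped product is smaller than the buffer, while the checked form rejects them before any read takes place.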
**Recommendations**
Update to pillow_heif version 1.3.0 or later.