{"id":"ECHO-335c-65c6-bca4","modified":"2026-03-15T13:00:06.129340Z","published":"2026-03-13T04:09:18.230105Z","upstream":["CVE-2026-3949"],"references":[{"type":"WEB","url":"https://advisory.echohq.com/cve/CVE-2026-3949"}],"affected":[{"package":{"name":"libheif","ecosystem":"Echo","purl":"pkg:deb/echo/libheif"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.19.8-1+e2"}]}],"database_specific":{"source":"https://advisory.echohq.com/osv/ECHO-335c-65c6-bca4.json"}}],"schema_version":"1.7.5"}