{"id":"OSV-2025-131","summary":"Heap-buffer-overflow in vips_foreign_save_heif_write_block","details":"OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=396460413\n\n```\nCrash type: Heap-buffer-overflow WRITE {*}\nCrash state:\nvips_foreign_save_heif_write_block\nwbuffer_write_thread\nvips_threadset_work\n```\n","modified":"2025-03-18T00:32:21.245932Z","published":"2025-02-16T00:13:44.282887Z","references":[{"type":"REPORT","url":"https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=396460413"}],"affected":[{"package":{"name":"libvips","ecosystem":"OSS-Fuzz","purl":"pkg:generic/libvips"},"ranges":[{"type":"GIT","repo":"https://github.com/libvips/libvips.git","events":[{"introduced":"7b47b07bcd0583c4f9d4afaac85d3abb5008edff"},{"fixed":"68d859f9b7cc8f7d6748bfc44037e8c233b03d7b"}]}],"versions":["v8.16.1"],"ecosystem_specific":{"severity":"HIGH"},"database_specific":{"fixed_range":"762f5030c82861a8d4b981cb398f81e70d002bd9:68d859f9b7cc8f7d6748bfc44037e8c233b03d7b","source":"https://github.com/google/oss-fuzz-vulns/blob/main/vulns/libvips/OSV-2025-131.yaml"}}],"schema_version":"1.7.3"}