OSV-2022-226

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/libvips/OSV-2022-226.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2022-226
Published
2022-03-09T00:00:12.248020Z
Modified
2022-04-13T03:04:38.135997Z
Summary
Heap-buffer-overflow in vips_rect_intersectrect
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=45353

Crash type: Heap-buffer-overflow READ 4
Crash state:
vips_rect_intersectrect
vips_foreign_load_pdf_generate
vips_region_prepare_to_generate
References

Affected packages

OSS-Fuzz / libvips

Package

Name
libvips
Purl
pkg:generic/libvips

Affected ranges

Type
GIT
Repo
https://github.com/libvips/libvips.git
Events
Introduced
de2adb99a2ae7564ea23dedeede2c716a8bdcb90
Fixed
2fdab9ba70f5ebf22588943e951339ceb19b184e

Ecosystem specific 

{
    "severity": "MEDIUM"
}