OSV-2025-677

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/https://invent.kde.org/frameworks/kimageformats.git/OSV-2025-677.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2025-677
Published
2025-08-23T00:05:27.168432Z
Modified
2025-08-23T00:05:27.168725Z
Summary
Heap-buffer-overflow in TGAHandler::read
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=440374852

Crash type: Heap-buffer-overflow WRITE 4
Crash state:
TGAHandler::read
kimgio_fuzzer.cc
LLVMFuzzerRunDriver
References

Affected packages

OSS-Fuzz / kimageformats

Package

Name
kimageformats
Purl
pkg:generic/kimageformats

Affected ranges

Type
GIT
Repo
https://invent.kde.org/frameworks/kimageformats.git
Events
Introduced
bc8b5b56b1c623c832543156320a002016315cdb
Fixed
f933cbe12d5a4e8cf93e0292a58ba7cb0a11fe02

Ecosystem specific 

{
    "severity": "HIGH"
}

Database specific 

{
    "introduced_range": "35a1ed0227559036f6e78169d359a45b6c191513:ebc366b3c59c655e8eff49ec8ab2d54de23da298"
}