DEBIAN-CVE-2025-29769

libvips is a demand-driven, horizontally threaded image processing library. The heifsave operation could incorrectly determine the presence of an alpha channel in an input when it was not possible to determine the colour interpretation, known internally within libvips as "multiband". There aren't...

CVE-2025-29769

libvips is a demand-driven, horizontally threaded image processing library. The heifsave operation could incorrectly determine the presence of an alpha channel in an input when it was not possible to determine the colour interpretation, known internally within libvips as "multiband". There aren't...

CVE-2025-29769 libvips has a potential heap-based buffer overflow when attempting to convert multiband TIFF input to HEIF output

libvips is a demand-driven, horizontally threaded image processing library. The heifsave operation could incorrectly determine the presence of an alpha channel in an input when it was not possible to determine the colour interpretation, known internally within libvips as "multiband". There aren't...

CVE-2025-29769

CVE-2025-29769 affects libvips, where the heifsave path could mis-handle a multiband TIFF input (4 channels) and output HEIF with 3 channels, then attempt to write 4 channels, causing a heap-based buffer overflow and possible crash. Root cause: incorrect alpha-channel determination when colour in...

PT-2025-15290 · Libvips +1 · Libvips +1

Name of the Vulnerable Software and Affected Versions: libvips versions prior to 8.16.1 Description: The issue arises from the heifsave operation in libvips, which can incorrectly determine the presence of an alpha channel in a "multiband" input. This can occur with a well-crafted TIFF image,...