Mafty5275

**Name of the Vulnerable Software and Affected Versions** OpenImageIO versions prior to 3.0.18.0 OpenImageIO versions prior to 3.1.13.0 **Description** OpenImageIO is a toolset for reading, writing, and manipulating image files for VFX and animation. A heap-based buffer overflow occurs in the HEIF decoder when processing crafted images with a subimage metadata mismatch. This leads to out-of-bounds writes, resulting in memory corruption and potential code execution. **Recommendations** Update to version 3.0.18.0. Update to version 3.1.13.0.