Lucene search
China National Vulnerability DatabaseCNVD-2022-06542HistoryNov 23, 2020 - 12:00 a.m.
libvips Information Disclosure Vulnerability
2020-11-2300:00:00
China National Vulnerability Database
www.cnvd.org.cn
4
0.004 Low
EPSS
Percentile
72.7%
libvips is a demand-driven multi-threaded image processing library. libvips versions prior to 8.8.2 are vulnerable to an information disclosure. The vulnerability stems from im_vips2dz in /libvips/libvips/deprecated/im_vips2dz.c in libvips having uninitialized variables. An attacker could use this vulnerability to obtain a remote server path or stack address.
| CPE | Name | Operator | Version |
|---|---|---|---|
| libvips libvips | lt | 8.8.2 |
Related
osv
osv
CVE-2020-20739
2020-11-20 19:15:11
vips - security update
2020-11-30 00:00:00
vips vulnerabilities
2023-10-18 14:40:28
openvas
openvas
Debian: Security Advisory (DLA-2473-1)
2020-12-01 00:00:00
Fedora: Security Advisory for vips (FEDORA-2020-d82261f7b1)
2020-12-09 00:00:00
Ubuntu: Security Advisory (USN-6437-1)
2023-10-19 00:00:00
fedora
fedora
[SECURITY] Fedora 32 Update: vips-8.8.4-5.fc32
2020-12-09 01:23:07
nessus
nessus
Fedora 32 : vips (2020-d82261f7b1)
2020-12-09 00:00:00
Debian DLA-2473-1 : vips security update
2020-12-01 00:00:00
Ubuntu 16.04 ESM / 18.04 ESM / 22.04 ESM : VIPS vulnerabilities (USN-6437-1)
2023-10-18 00:00:00
nvd
nvd
CVE-2020-20739
2020-11-20 19:15:11
debiancve
debiancve
CVE-2020-20739
2020-11-20 19:15:11
cve
cve
CVE-2020-20739
2020-11-20 19:15:11
debian
debian
[SECURITY] [DLA 2473-1] vips security update
2020-11-30 22:10:07
ubuntucve
ubuntucve
CVE-2020-20739
2020-11-20 00:00:00
alpinelinux
alpinelinux
CVE-2020-20739
2020-11-20 19:15:11
prion
prion
Path traversal
2020-11-20 19:15:00
cvelist
cvelist
CVE-2020-20739
2020-11-20 18:16:00
ubuntu
ubuntu
VIPS vulnerabilities
2023-10-18 00:00:00