CVE-2019-6976

2019-01-26T23:29:00
ID CVE-2019-6976
Type cve
Reporter cve@mitre.org
Modified 2019-04-26T16:16:00

Description

libvips before 8.7.4 generates output images from uninitialized memory locations when processing corrupted input image data because iofuncs/memory.c does not zero out allocated memory. This can result in leaking raw process memory contents through the output image.