4 matches found
USN-6437-1: VIPS vulnerabilities
Ziqiang Gu discovered that VIPS could be made to dereference a NULL pointer. If a user or automated system were tricked into processing a specially crafted input image file, an attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubunt...
Ubuntu 16.04 ESM / 18.04 ESM / 22.04 ESM : VIPS vulnerabilities (USN-6437-1)
The remote Ubuntu 16.04 ESM / 18.04 ESM / 22.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6437-1 advisory. Ziqiang Gu discovered that VIPS could be made to dereference a NULL pointer. If a user or automated system were tricked into...
CVE-2019-6976
CVE-2019-6976 affects the libvips image processing library. The issue arises when processing corrupted input data: iofuncs/memory.c does not zero out allocated memory, causing output images to potentially reveal uninitialized memory contents. Affected version is libvips before 8.7.4. The document...
CVE-2019-6976
libvips before 8.7.4 generates output images from uninitialized memory locations when processing corrupted input image data because iofuncs/memory.c does not zero out allocated memory. This can result in leaking raw process memory contents through the output image...