2 matches found
CVE-2026-3281
The CVE-2026-3281 vulnerability affects libvips 8.19.0, specifically the vips_bandrank_build function in libvips/conversion/bandrank.c. The issue is a heap-based buffer overflow triggered by manipulating the argument index. Attack requires local access, and public exploits exist. A patch is avail...
CVE-2026-3284
A vulnerability was found in libvips 8.19.0. Impacted is the function vipsextractareabuild of the file libvips/conversion/extract.c. The manipulation of the argument extractarea results in integer overflow. The attack requires a local approach. The exploit has been made public and could be used...