124 matches found
CVE-2026-3281
A vulnerability was detected in libvips 8.19.0. This affects the function vipsbandrankbuild of the file libvips/conversion/bandrank.c. Performing a manipulation of the argument index results in heap-based buffer overflow. The attack must be initiated from a local position. The exploit is now publ...
CVE-2026-3281
A vulnerability was detected in libvips 8.19.0. This affects the function vipsbandrankbuild of the file libvips/conversion/bandrank.c. Performing a manipulation of the argument index results in heap-based buffer overflow. The attack must be initiated from a local position. The exploit is now publ...
libvips 输入验证错误漏洞
libvips is an open-source fast image processing library with low memory requirements. Version 8.19.0 of libvips contains a vulnerability related to input validation errors. This vulnerability stems from incorrect handling of the extractarea parameter in the function vipsextractareabuild located i...
PT-2026-22285
A vulnerability was detected in libvips 8.19.0. This affects the function vips bandrank build of the file libvips/conversion/bandrank.c. Performing a manipulation of the argument index results in heap-based buffer overflow. The attack must be initiated from a local position. The exploit is now...
PT-2026-22288
A vulnerability was found in libvips 8.19.0. Impacted is the function vips extract area build of the file libvips/conversion/extract.c. The manipulation of the argument extract area results in integer overflow. The attack requires a local approach. The exploit has been made public and could be...
Linux Distros Unpatched Vulnerability : CVE-2026-3147
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in libvips up to 8.18.0. This affects the function vipsforeignloadcsvbuild of the file libvips/foreign/csvload.c. The manipulation...
Out-of-Bounds
Overview Affected versions of this package are vulnerable to Out-of-Bounds in the vipsforeignloadmatrixheader function. An attacker can cause memory corruption by providing specially crafted input files to the affected process. Remediation A fix was pushed into the master branch but not yet...
CVE-2026-3147
A vulnerability was found in libvips up to 8.18.0. This affects the function vipsforeignloadcsvbuild of the file libvips/foreign/csvload.c. The manipulation results in heap-based buffer overflow. The attack requires a local approach. The exploit has been made public and could be used. The patch i...
CVE-2026-3146
A vulnerability has been found in libvips up to 8.18.0. The impacted element is the function vipsforeignloadmatrixheader of the file libvips/foreign/matrixload.c. The manipulation leads to null pointer dereference. The attack needs to be performed locally. The identifier of the patch is...
CVE-2026-3146
A vulnerability has been found in libvips up to 8.18.0. The impacted element is the function vipsforeignloadmatrixheader of the file libvips/foreign/matrixload.c. The manipulation leads to null pointer dereference. The attack needs to be performed locally. The identifier of the patch is...
Heap-based Buffer Overflow
Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow in the vipssourcereadtomemory function. An attacker can cause a crash or disrupt service by providing a specially crafted custom seekable source larger than 4 GiB, leading to a heap-based buffer overflow...
UBUNTU-CVE-2026-2913
A vulnerability was determined in libvips up to 8.19.0. The affected element is the function vipssourcereadtomemory of the file libvips/iofuncs/source.c. This manipulation causes heap-based buffer overflow. It is possible to launch the attack on the local host. The attack's complexity is rated as...
CVE-2026-2913 libvips source.c vips_source_read_to_memory heap-based overflow
A vulnerability was determined in libvips up to 8.19.0. The affected element is the function vipssourcereadtomemory of the file libvips/iofuncs/source.c. This manipulation causes heap-based buffer overflow. It is possible to launch the attack on the local host. The attack's complexity is rated as...
CVE-2026-2913 libvips source.c vips_source_read_to_memory heap-based overflow
A vulnerability was determined in libvips up to 8.19.0. The affected element is the function vipssourcereadtomemory of the file libvips/iofuncs/source.c. This manipulation causes heap-based buffer overflow. It is possible to launch the attack on the local host. The attack's complexity is rated as...
CVE-2026-2913
A vulnerability was determined in libvips up to 8.19.0. The affected element is the function vipssourcereadtomemory of the file libvips/iofuncs/source.c. This manipulation causes heap-based buffer overflow. It is possible to launch the attack on the local host. The attack's complexity is rated as...
CVE-2026-2913
CVE-2026-2913 (libvips) : A heap-based buffer overflow is triggered in vips_source_read_to_memory within libvips/iofuncs/source.c, affecting libvips up to 8.19.0. The vulnerability can be exploited locally, with high attack complexity and high impact on availability and integrity as described. Th...
PT-2026-21413
A vulnerability was determined in libvips up to 8.19.0. The affected element is the function vips source read to memory of the file libvips/iofuncs/source.c. This manipulation causes heap-based buffer overflow. It is possible to launch the attack on the local host. The attack's complexity is rate...
[SECURITY] Fedora 42 Update: vips-8.17.3-1.fc42
VIPS is an image processing library. It is good for very large images even larger than the amount of RAM in your machine, and for working with color. This package should be installed if you want to use a program compiled against VIPS...
[SECURITY] Fedora 43 Update: vips-8.17.3-1.fc43
VIPS is an image processing library. It is good for very large images even larger than the amount of RAM in your machine, and for working with color. This package should be installed if you want to use a program compiled against VIPS...
Fedora 42 : vips (2025-107641b428)
The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-107641b428 advisory. New version of vips. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for th...