Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

1 – 7 of 7 results


CVE-2023-40032

Medium priority

Some fixes available 1 of 4

libvips is a demand-driven, horizontally threaded image processing library. A specially crafted SVG input can cause libvips versions 8.14.3 or earlier to segfault when attempting to parse a malformed UTF-8 character. Users should...

1 affected packages

vips

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
vips Vulnerable Fixed Not affected Not affected Not affected
Show less packages

CVE-2021-27847

Low priority
Fixed

Division-By-Zero vulnerability in Libvips 8.10.5 in the function vips_eye_point, eye.c#L83, and function vips_mask_point, mask.c#L85.

1 affected packages

vips

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
vips Not affected Not affected Fixed Fixed
Show less packages

CVE-2020-20739

Medium priority
Fixed

im_vips2dz in /libvips/libvips/deprecated/im_vips2dz.c in libvips before 8.8.2 has an uninitialized variable which may cause the leakage of remote server path or stack address.

1 affected packages

vips

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
vips Not affected Not affected Fixed Fixed
Show less packages

CVE-2019-17534

Medium priority
Ignored

vips_foreign_load_gif_scan_image in foreign/gifload.c in libvips before 8.8.2 tries to access a color map before a DGifGetImageDesc call, leading to a use-after-free.

1 affected packages

vips

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
vips Not affected Not affected Not affected Not affected
Show less packages

CVE-2019-6976

Medium priority

Some fixes available 2 of 3

libvips before 8.7.4 generates output images from uninitialized memory locations when processing corrupted input image data because iofuncs/memory.c does not zero out allocated memory. This can result in leaking raw process memory...

1 affected packages

vips

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
vips Not affected Not affected Fixed Fixed
Show less packages

CVE-2018-7998

Medium priority

Some fixes available 2 of 4

In libvips before 8.6.3, a NULL function pointer dereference vulnerability was found in the vips_region_generate function in region.c, which allows remote attackers to cause a denial of service or possibly have unspecified other...

1 affected packages

vips

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
vips Not affected Not affected Fixed Fixed
Show less packages

CVE-2010-3364

Low priority
Ignored

The vips-7.22 script in VIPS 7.22.2 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.

1 affected packages

vips

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
vips
Show less packages