Описание
In libvips before 8.6.3, a NULL function pointer dereference vulnerability was found in the vips_region_generate function in region.c, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted image file. This occurs because of a race condition involving a failed delayed load and other worker threads.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | ignored | end of life |
| bionic | ignored | end of standard support, was needed |
| cosmic | ignored | end of life |
| devel | not-affected | 8.6.3 |
| disco | not-affected | 8.6.3 |
| eoan | not-affected | 8.6.3 |
| esm-apps/bionic | released | 8.4.5-1ubuntu0.1~esm1 |
| esm-apps/focal | not-affected | 8.6.3 |
| esm-apps/jammy | not-affected | 8.6.3 |
| esm-apps/xenial | released | 8.2.2-1ubuntu0.1~esm1 |
Показывать по
5.1 Medium
CVSS2
7.5 High
CVSS3
Связанные уязвимости
In libvips before 8.6.3, a NULL function pointer dereference vulnerability was found in the vips_region_generate function in region.c, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted image file. This occurs because of a race condition involving a failed delayed load and other worker threads.
In libvips before 8.6.3, a NULL function pointer dereference vulnerabi ...
In libvips before 8.6.3, a NULL function pointer dereference vulnerability was found in the vips_region_generate function in region.c, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted image file. This occurs because of a race condition involving a failed delayed load and other worker threads.
5.1 Medium
CVSS2
7.5 High
CVSS3