Описание
libvips before 8.7.4 generates output images from uninitialized memory locations when processing corrupted input image data because iofuncs/memory.c does not zero out allocated memory. This can result in leaking raw process memory contents through the output image.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needed |
| cosmic | ignored | end of life |
| devel | not-affected | 8.7.4-1 |
| disco | not-affected | 8.7.4-1 |
| eoan | not-affected | 8.7.4-1 |
| esm-apps/bionic | released | 8.4.5-1ubuntu0.1~esm1 |
| esm-apps/focal | not-affected | 8.7.4-1 |
| esm-apps/jammy | not-affected | 8.7.4-1 |
| esm-apps/xenial | released | 8.2.2-1ubuntu0.1~esm1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was needed] |
Показывать по
Ссылки на источники
5 Medium
CVSS2
5.3 Medium
CVSS3
Связанные уязвимости
libvips before 8.7.4 generates output images from uninitialized memory locations when processing corrupted input image data because iofuncs/memory.c does not zero out allocated memory. This can result in leaking raw process memory contents through the output image.
libvips before 8.7.4 generates output images from uninitialized memory ...
libvips before 8.7.4 generates output images from uninitialized memory locations when processing corrupted input image data because iofuncs/memory.c does not zero out allocated memory. This can result in leaking raw process memory contents through the output image.
5 Medium
CVSS2
5.3 Medium
CVSS3