Описание
libvips is a demand-driven, horizontally threaded image processing library. A specially crafted SVG input can cause libvips versions 8.14.3 or earlier to segfault when attempting to parse a malformed UTF-8 character. Users should upgrade to libvips version 8.14.4 (or later) when processing untrusted input.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support |
| devel | not-affected | 8.15.1-1.1build4 |
| esm-apps/bionic | not-affected | code not present |
| esm-apps/focal | not-affected | code not present |
| esm-apps/jammy | released | 8.12.1-1ubuntu0.1~esm1 |
| esm-apps/noble | needed | |
| esm-apps/xenial | not-affected | code not present |
| focal | not-affected | code not present |
| jammy | needed | |
| lunar | ignored | end of life, was needed |
Показывать по
Ссылки на источники
5.5 Medium
CVSS3
Связанные уязвимости
libvips is a demand-driven, horizontally threaded image processing library. A specially crafted SVG input can cause libvips versions 8.14.3 or earlier to segfault when attempting to parse a malformed UTF-8 character. Users should upgrade to libvips version 8.14.4 (or later) when processing untrusted input.
libvips is a demand-driven, horizontally threaded image processing lib ...
5.5 Medium
CVSS3