VYPR
Unrated severityOSV Advisory· Published Jan 26, 2019· Updated Aug 4, 2024

CVE-2019-6976

CVE-2019-6976

Description

libvips before 8.7.4 generates output images from uninitialized memory locations when processing corrupted input image data because iofuncs/memory.c does not zero out allocated memory. This can result in leaking raw process memory contents through the output image.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Libvips/LibvipsOSV2 versions
    v7.28.0, v8.0-beta, v8.1, …+ 1 more
    • (no CPE)range: v7.28.0, v8.0-beta, v8.1, …
    • (no CPE)range: <8.7.4

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.