VYPR

apk package

chainguard/libvips

pkg:apk/chainguard/libvips

Vulnerabilities (4)

  • CVE-2026-3147MedFeb 25, 2026
    affected < 8.18.0-r3fixed 8.18.0-r3

    A vulnerability was found in libvips up to 8.18.0. This affects the function vips_foreign_load_csv_build of the file libvips/foreign/csvload.c. The manipulation results in heap-based buffer overflow. The attack requires a local approach. The exploit has been made public and could

  • CVE-2026-3146Feb 25, 2026
    affected < 8.18.0-r3fixed 8.18.0-r3

    A vulnerability has been found in libvips up to 8.18.0. The impacted element is the function vips_foreign_load_matrix_header of the file libvips/foreign/matrixload.c. The manipulation leads to null pointer dereference. The attack needs to be performed locally. The identifier of t

  • CVE-2026-3145Feb 25, 2026
    affected < 8.18.0-r3fixed 8.18.0-r3

    A flaw has been found in libvips up to 8.18.0. The affected element is the function vips_foreign_load_matrix_file_is_a/vips_foreign_load_matrix_header of the file libvips/foreign/matrixload.c. Executing a manipulation can lead to memory corruption. The attack needs to be launched

  • CVE-2026-2913LowFeb 22, 2026
    affected < 8.18.0-r3fixed 8.18.0-r3

    A vulnerability was determined in libvips up to 8.19.0. The affected element is the function vips_source_read_to_memory of the file libvips/iofuncs/source.c. This manipulation causes heap-based buffer overflow. It is possible to launch the attack on the local host. The attack's c