apk package
chainguard/libvips-doc
pkg:apk/chainguard/libvips-doc
Vulnerabilities (4)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-3147 | Med | 5.3 | < 8.18.0-r3 | 8.18.0-r3 | Feb 25, 2026 | A vulnerability was found in libvips up to 8.18.0. This affects the function vips_foreign_load_csv_build of the file libvips/foreign/csvload.c. The manipulation results in heap-based buffer overflow. The attack requires a local approach. The exploit has been made public and could | |
| CVE-2026-3146 | — | < 8.18.0-r3 | 8.18.0-r3 | Feb 25, 2026 | A vulnerability has been found in libvips up to 8.18.0. The impacted element is the function vips_foreign_load_matrix_header of the file libvips/foreign/matrixload.c. The manipulation leads to null pointer dereference. The attack needs to be performed locally. The identifier of t | ||
| CVE-2026-3145 | — | < 8.18.0-r3 | 8.18.0-r3 | Feb 25, 2026 | A flaw has been found in libvips up to 8.18.0. The affected element is the function vips_foreign_load_matrix_file_is_a/vips_foreign_load_matrix_header of the file libvips/foreign/matrixload.c. Executing a manipulation can lead to memory corruption. The attack needs to be launched | ||
| CVE-2026-2913 | Low | 2.5 | < 8.18.0-r3 | 8.18.0-r3 | Feb 22, 2026 | A vulnerability was determined in libvips up to 8.19.0. The affected element is the function vips_source_read_to_memory of the file libvips/iofuncs/source.c. This manipulation causes heap-based buffer overflow. It is possible to launch the attack on the local host. The attack's c |
- affected < 8.18.0-r3fixed 8.18.0-r3
A vulnerability was found in libvips up to 8.18.0. This affects the function vips_foreign_load_csv_build of the file libvips/foreign/csvload.c. The manipulation results in heap-based buffer overflow. The attack requires a local approach. The exploit has been made public and could
- CVE-2026-3146Feb 25, 2026affected < 8.18.0-r3fixed 8.18.0-r3
A vulnerability has been found in libvips up to 8.18.0. The impacted element is the function vips_foreign_load_matrix_header of the file libvips/foreign/matrixload.c. The manipulation leads to null pointer dereference. The attack needs to be performed locally. The identifier of t
- CVE-2026-3145Feb 25, 2026affected < 8.18.0-r3fixed 8.18.0-r3
A flaw has been found in libvips up to 8.18.0. The affected element is the function vips_foreign_load_matrix_file_is_a/vips_foreign_load_matrix_header of the file libvips/foreign/matrixload.c. Executing a manipulation can lead to memory corruption. The attack needs to be launched
- affected < 8.18.0-r3fixed 8.18.0-r3
A vulnerability was determined in libvips up to 8.19.0. The affected element is the function vips_source_read_to_memory of the file libvips/iofuncs/source.c. This manipulation causes heap-based buffer overflow. It is possible to launch the attack on the local host. The attack's c