VYPR

Imager

by RubyGems

CVEs (1)

  • CVE-2026-13708Jul 7, 2026
    risk 0.00cvss epss

    Imager::File::JPEG versions before 1.003 for Perl leak heap memory when reading a JPEG with repeated APP13 markers in i_readjpeg_wiol. i_readjpeg_wiol walks the marker list libjpeg returns and, for each APP13 marker, allocates a new buffer with *iptc_itext = mymalloc(...) and…