VYPR

Nip2

by Libvips

Source repositories

CVEs (1)

  • CVE-2017-17514HigDec 14, 2017
    risk 0.57cvss 8.8epss 0.02

    boxes.c in nip2 8.4.0 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a software maintainer indicates that this product does…