Libvips · Libvips · CVE-2023-40032
**Name of the Vulnerable Software and Affected Versions**
libvips versions 8.14.3 or earlier
**Description**
A specially crafted SVG input can cause libvips to segfault when attempting to parse a malformed UTF-8 character. libvips is a demand-driven, horizontally threaded image processing library.
**Recommendations**
For libvips versions 8.14.3 or earlier, upgrade to libvips version 8.14.4 (or later) when processing untrusted input.