PT-2026-21849 · Libvips · Libvips
Niebelungen
·
Published
2026-02-25
·
Updated
2026-02-25
·
CVE-2026-3145
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
libvips versions prior to 8.18.0
Description
A memory corruption issue exists in libvips. The flaw is located in the
vips foreign load matrix file is a/vips foreign load matrix header function within the libvips/foreign/matrixload.c file. A local attacker can trigger this issue through manipulation, potentially leading to memory corruption.Recommendations
Apply the patch d4ce337c76bff1b278d7085c3c4f4725e3aa6ece to remediate this issue.
Fix
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Libvips