John Cupitt

5 exploits Active since Mar 2018
CVE-2018-7998 WRITEUP HIGH WRITEUP
libvips < 8.6.3 - Denial of Service via Race Condition in vips_region_generate
In libvips before 8.6.3, a NULL function pointer dereference vulnerability was found in the vips_region_generate function in region.c, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted image file. This occurs because of a race condition involving a failed delayed load and other worker threads.
CVSS 7.5
CVE-2019-17534 WRITEUP HIGH WRITEUP
libvips < 8.8.2 - Use-After-Free in GIF Image Loading
vips_foreign_load_gif_scan_image in foreign/gifload.c in libvips before 8.8.2 tries to access a color map before a DGifGetImageDesc call, leading to a use-after-free.
CVSS 8.8
CVE-2019-6976 WRITEUP MEDIUM WRITEUP
libvips < 8.7.4 - Information Disclosure via Uninitialized Memory in Image Processing
libvips before 8.7.4 generates output images from uninitialized memory locations when processing corrupted input image data because iofuncs/memory.c does not zero out allocated memory. This can result in leaking raw process memory contents through the output image.
CVSS 5.3
CVE-2020-20739 WRITEUP MEDIUM WRITEUP
libvips < 8.8.2 - Information Disclosure via Uninitialized Variable in im_vips2dz
im_vips2dz in /libvips/libvips/deprecated/im_vips2dz.c in libvips before 8.8.2 has an uninitialized variable which may cause the leakage of remote server path or stack address.
CVSS 5.3
CVE-2025-59933 WRITEUP HIGH WRITEUP
libvips < 8.17.2 - Buffer Over-read in PDF Header Parsing
libvips is a demand-driven, horizontally threaded image processing library. For versions 8.17.1 and below, when libvips is compiled with support for PDF input via poppler, the pdfload operation is affected by a buffer read overflow when parsing the header of a crafted PDF with a page that defines a width but not a height. Those using libvips compiled without support for PDF input are unaffected as well as thosewith support for PDF input via PDFium. This issue is fixed in version 8.17.2. A workaround for those affected is to block the VipsForeignLoadPdf operation via vips_operation_block_set, which is available in most language bindings, or to set VIPS_BLOCK_UNTRUSTED environment variable at runtime, which will block all untrusted loaders including PDF input via poppler.
CVSS 7.8