Showing 1 - 1 of 1

CVE-2020-20739

Status Candidate

Overview

im_vips2dz in /libvips/libvips/deprecated/im_vips2dz.c in libvips before 8.8.2 has an uninitialized variable which may cause the leakage of remote server path or stack address.

Related Files

Ubuntu Security Notice USN-6437-1: Posted Oct 18, 2023; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 6437-1 - Ziqiang Gu discovered that VIPS could be made to dereference a NULL pointer. If a user or automated system were tricked into processing a specially crafted input image file, an attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. It was discovered that VIPS did not properly handle uninitialized memory locations when processing corrupted input image data. An attacker could possibly use this issue to generate output images that expose sensitive information. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS.; tags | advisory, denial of service; systems | linux, ubuntu; advisories | CVE-2018-7998, CVE-2019-6976, CVE-2020-20739, CVE-2021-27847, CVE-2023-40032; SHA-256 | f1389fbfe84a630887a2d71264e245e4c353f43dc0b13710da814eedce7ae446; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 304 files
indoushka 142 files
Ubuntu 100 files
Gentoo 32 files
Debian 24 files
LiquidWorm 17 files
Apple 11 files
Google Security Research 8 files
malvuln 8 files
Michael Baer 3 files

File Archives

Systems

AIX (430)
Apple (2,117)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,144)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,599)
HPUX (881)
iOS (391)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,608)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,085)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,928)
UNIX (9,469)
UnixWare (188)
Windows (6,784)
Other

CVE-2020-20739

Overview

Related Files

File Archive:

October 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems