Libvips: >> Libvips >> 8.8.0 Security Vulnerabilities
im_vips2dz in /libvips/libvips/deprecated/im_vips2dz.c in libvips before 8.8.2 has an uninitialized variable which may cause the leakage of remote server path or stack address.
CVSS Score
5.3
EPSS Score
0.002
Published
2020-11-20
vips_foreign_load_gif_scan_image in foreign/gifload.c in libvips before 8.8.2 tries to access a color map before a DGifGetImageDesc call, leading to a use-after-free.
CVSS Score
8.8
EPSS Score
0.01
Published
2019-10-13