Vulnerabilities > CVE-2019-17534 - Use After Free vulnerability in Libvips

047910
CVSS 8.8 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
network
low complexity
libvips
CWE-416
NVD
Published: 2019-10-13
Updated: 2023-09-29

Summary

vips_foreign_load_gif_scan_image in foreign/gifload.c in libvips before 8.8.2 tries to access a color map before a DGifGetImageDesc call, leading to a use-after-free.

Vulnerable Configurations

Part Description Count
Application
Libvips
46

Common Weakness Enumeration (CWE)

References