Vulnerabilities > Libvips > Libvips > 8.5.5
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-11-20 | CVE-2020-20739 | Missing Initialization of Resource vulnerability in multiple products im_vips2dz in /libvips/libvips/deprecated/im_vips2dz.c in libvips before 8.8.2 has an uninitialized variable which may cause the leakage of remote server path or stack address. | 5.3 |
| 2019-10-13 | CVE-2019-17534 | Use After Free vulnerability in Libvips vips_foreign_load_gif_scan_image in foreign/gifload.c in libvips before 8.8.2 tries to access a color map before a DGifGetImageDesc call, leading to a use-after-free. | 8.8 |
| 2019-01-26 | CVE-2019-6976 | Use of Uninitialized Resource vulnerability in Libvips libvips before 8.7.4 generates output images from uninitialized memory locations when processing corrupted input image data because iofuncs/memory.c does not zero out allocated memory. | 5.3 |
| 2018-03-09 | CVE-2018-7998 | NULL Pointer Dereference vulnerability in multiple products In libvips before 8.6.3, a NULL function pointer dereference vulnerability was found in the vips_region_generate function in region.c, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted image file. | 7.5 |