Vulnerabilities > Libvips > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-09-11 CVE-2023-40032 Unspecified vulnerability in Libvips
libvips is a demand-driven, horizontally threaded image processing library.
local
low complexity
libvips
5.5
5.5
2021-07-15 CVE-2021-27847 Divide By Zero vulnerability in Libvips 8.10.5
Division-By-Zero vulnerability in Libvips 8.10.5 in the function vips_eye_point, eye.c#L83, and function vips_mask_point, mask.c#L85.
network
low complexity
libvips CWE-369
6.5
6.5
2020-11-20 CVE-2020-20739 Missing Initialization of Resource vulnerability in multiple products
im_vips2dz in /libvips/libvips/deprecated/im_vips2dz.c in libvips before 8.8.2 has an uninitialized variable which may cause the leakage of remote server path or stack address.
network
low complexity
libvips debian fedoraproject CWE-909
5.3
5.3
2019-01-26 CVE-2019-6976 Use of Uninitialized Resource vulnerability in Libvips
libvips before 8.7.4 generates output images from uninitialized memory locations when processing corrupted input image data because iofuncs/memory.c does not zero out allocated memory.
network
low complexity
libvips CWE-908
5.3
5.3