CVE-2026-3282

Low CVSS: 1.9

A flaw has been found in libvips 8.19.0. This vulnerability affects the function vips_unpremultiply_build of the file libvips/conversion/unpremultiply.c. Executing a manipulation of the argument alpha_band can lead to out-of-bounds read. The attack needs to be launched locally. The exploit has been published and may be used. This patch is called 7215ead1e0cd7d3703cc4f5fca06d7d0f4c22b91. A patch should be applied to remediate this issue.

Vendor

Libvips

Product

Libvips

CWE

CWE-119

Yayın Tarihi

2026-02-27 03:16:02

Güncelleme

2026-03-02 17:58:30

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-119 Libvips LOW Libvips 2026

Referanslar

https://github.com/libvips/libvips/ https://github.com/libvips/libvips/commit/7215ead1e0cd7d3703cc4f5fca06d7d0f4c22b91 https://github.com/libvips/libvips/issues/4881 https://github.com/libvips/libvips/issues/4881#issue-3944216443 https://github.com/libvips/libvips/pull/4886 https://vuldb.com/?ctiid.348011 https://vuldb.com/?id.348011 https://vuldb.com/?submit.758862

Benzer Kayıtlar

Medium

CVE-2026-3284

A vulnerability was found in libvips 8.19.0. Impacted is the function vips_extract_area_build of the file libvips/conver…

Low

CVE-2026-3283

A vulnerability has been found in libvips 8.19.0. This issue affects the function vips_extract_band_build of the file li…

Medium

CVE-2026-3281

A vulnerability was detected in libvips 8.19.0. This affects the function vips_bandrank_build of the file libvips/conver…

Medium

CVE-2026-3147

A vulnerability was found in libvips up to 8.18.0. This affects the function vips_foreign_load_csv_build of the file lib…

Medium

CVE-2026-3145

A flaw has been found in libvips up to 8.18.0. The affected element is the function vips_foreign_load_matrix_file_is_a/v…

Medium

CVE-2026-3146

A vulnerability has been found in libvips up to 8.18.0. The impacted element is the function vips_foreign_load_matrix_he…