CVE-2026-3283

Low CVSS: 1.9

A vulnerability has been found in libvips 8.19.0. This issue affects the function vips_extract_band_build of the file libvips/conversion/extract.c. The manipulation of the argument extract_band leads to out-of-bounds read. The attack needs to be performed locally. The exploit has been disclosed to the public and may be used. The identifier of the patch is 24795bb3d19d84f7b6f5ed86451ad556c8f2fe70. To fix this issue, it is recommended to deploy a patch.

Vendor

Libvips

Product

Libvips

CWE

CWE-119

Yayın Tarihi

2026-02-27 03:16:02

Güncelleme

2026-03-02 17:56:47

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-119 Libvips LOW Libvips 2026

Referanslar

https://github.com/libvips/libvips/ https://github.com/libvips/libvips/commit/24795bb3d19d84f7b6f5ed86451ad556c8f2fe70 https://github.com/libvips/libvips/issues/4880 https://github.com/libvips/libvips/issues/4880#issue-3944214985 https://github.com/libvips/libvips/pull/4887 https://vuldb.com/?ctiid.348012 https://vuldb.com/?id.348012 https://vuldb.com/?submit.758863

Benzer Kayıtlar

Medium

CVE-2026-3284

A vulnerability was found in libvips 8.19.0. Impacted is the function vips_extract_area_build of the file libvips/conver…

Low

CVE-2026-3282

A flaw has been found in libvips 8.19.0. This vulnerability affects the function vips_unpremultiply_build of the file li…

Medium

CVE-2026-3281

A vulnerability was detected in libvips 8.19.0. This affects the function vips_bandrank_build of the file libvips/conver…

Medium

CVE-2026-3147

A vulnerability was found in libvips up to 8.18.0. This affects the function vips_foreign_load_csv_build of the file lib…

Medium

CVE-2026-3145

A flaw has been found in libvips up to 8.18.0. The affected element is the function vips_foreign_load_matrix_file_is_a/v…

Medium

CVE-2026-3146

A vulnerability has been found in libvips up to 8.18.0. The impacted element is the function vips_foreign_load_matrix_he…