Back to search
CVE-2018-7998
Published: Mar 9, 2018
Modified: Aug 5, 2024
PUBLISHED
Description
In libvips before 8.6.3, a NULL function pointer dereference vulnerability was found in the vips_region_generate function in region.c, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted image file. This occurs because of a race condition involving a failed delayed load and other worker threads.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://github.com/jcupitt/libvips/issues/893
x_refsource_MISC
[debian-lts-announce] 20180311 [SECURITY] [DLA 1306-1] vips security update
mailing-list
x_refsource_MLIST
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now