Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Potential segfault due to NULL pointer dereference in libvips
Vulnerability Description
libvips is a demand-driven, horizontally threaded image processing library. A specially crafted SVG input can cause libvips versions 8.14.3 or earlier to segfault when attempting to parse a malformed UTF-8 character. Users should upgrade to libvips version 8.14.4 (or later) when processing untrusted input.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Vulnerability Type
空指针解引用
Vulnerability Title
libvips 代码问题漏洞
Vulnerability Description
libvips是一款开源的2D图像处理库。 libvips 8.14.3及之前版本存在代码问题漏洞,该漏洞源于在尝试解析格式错误的UTF-8字符时,攻击者可通过特制SVG输入导致libvips出现段错误。
CVSS Information
N/A
Vulnerability Type
N/A