Home/Product/libvips
Product

libvips

16 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2026-3284
all versions
A vulnerability was found in libvips 8.19.0. Impacted is the function vips_extract_area_build of the file libvips/conversion/extra
3.3LOW
 CVE-2026-3283
all versions
A vulnerability has been found in libvips 8.19.0. This issue affects the function vips_extract_band_build of the file libvips/conv
3.3LOW
 CVE-2026-3282
all versions
A flaw has been found in libvips 8.19.0. This vulnerability affects the function vips_unpremultiply_build of the file libvips/conv
3.3LOW
 CVE-2026-3281
all versions
A vulnerability was detected in libvips 8.19.0. This affects the function vips_bandrank_build of the file libvips/conversion/bandr
5.3MEDIUM
 CVE-2026-3147
<= 8.18.0
A vulnerability was found in libvips up to 8.18.0. This affects the function vips_foreign_load_csv_build of the file libvips/forei
5.3MEDIUM
 CVE-2026-3146
<= 8.18.0
A vulnerability has been found in libvips up to 8.18.0. The impacted element is the function vips_foreign_load_matrix_header of th
3.3LOW
 CVE-2026-3145
<= 8.18.0
A flaw has been found in libvips up to 8.18.0. The affected element is the function vips_foreign_load_matrix_file_is_a/vips_foreig
5.3MEDIUM
 CVE-2026-2913
<= 8.19.0
A vulnerability was determined in libvips up to 8.19.0. The affected element is the function vips_source_read_to_memory of the fil
2.5LOW
 CVE-2025-59933
< 8.17.2
libvips is a demand-driven, horizontally threaded image processing library. For versions 8.17.1 and below, when libvips is compile
7.8HIGH
 CVE-2025-29769
< 8.16.1
libvips is a demand-driven, horizontally threaded image processing library. The heifsave operation could incorrectly determine th
5.5MEDIUM
 CVE-2023-40032
>= 8.12.0 and < 8.14.4
libvips is a demand-driven, horizontally threaded image processing library. A specially crafted SVG input can cause libvips versio
5.5MEDIUM
 CVE-2021-27847
all versions
Division-By-Zero vulnerability in Libvips 8.10.5 in the function vips_eye_point, eye.c#L83, and function vips_mask_point, mask.c#L
6.5MEDIUM
 CVE-2020-20739
< 8.8.2
im_vips2dz in /libvips/libvips/deprecated/im_vips2dz.c in libvips before 8.8.2 has an uninitialized variable which may cause the l
5.3MEDIUM
 CVE-2019-17534
< 8.8.2
vips_foreign_load_gif_scan_image in foreign/gifload.c in libvips before 8.8.2 tries to access a color map before a DGifGetImageDes
8.8HIGH
 CVE-2019-6976
< 8.7.4
libvips before 8.7.4 generates output images from uninitialized memory locations when processing corrupted input image data becaus
5.3MEDIUM
 CVE-2018-7998
< 8.6.3
In libvips before 8.6.3, a NULL function pointer dereference vulnerability was found in the vips_region_generate function in regio
7.5HIGH
SOC and Response
CVE triage
Stack monitoring
Am I affected
IOC triage
KEV catalog
Recently exploited
Daily brief
Change tracking
Detection Engineering
Coverage workspace
Detection coverage
Coverage check
Telemetry ceiling
SIEM query builder
Sigma rules
SIEM rules
YARA rules
Network rules
D3FEND
Threat Hunting
Threat actors
ATT&CK techniques
Attack paths
Indicators
Atomic tests
Red Team and Pentest
Exploitability triage
Recon pack
Attack paths
CAPEC patterns
Adversary emulation
Compliance and GRC
Framework mapping
Control assessment
Audit view
Atlas Search Threat actors Techniques Tools & malware CWE CAPEC KEV catalog Package vulns
About All capabilities Pricing API docs Live status Privacy policy Terms of service
threatengine.sh