CVE-2018-7998 -- vipsID: oval:org.secpod.oval:def:2000236 | Date: (C)2019-04-22 (M)2023-10-05 |
Class: VULNERABILITY | Family: unix |
In libvips before 8.6.3, a NULL function pointer dereference vulnerability was found in the vips_region_generate function in region.c, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted image file. This occurs because of a race condition involving a failed delayed load and other worker threads.
Platform: |
Debian 8.x |
Debian 9.x |