CNNVD-202509-4327 Information

CNNVD ID

CNNVD-202509-4327

Related CVE

CVE-2025-59933

• CNNVD Published: 2025-09-29

Description (Chinese)

libvips是libvips开源的一个具有低内存需求的快速图像处理库。 libvips 8.17.1及之前版本存在安全漏洞，该漏洞源于解析特制PDF文件头时存在缓冲区读取溢出。

Description (English)

Libvips is a rapid image-processing library with low memory needs from the libvips open source. Libvips 8.17.1 and previous versions contain a security loophole, which stems from the presence of a buffer zone reading spills while deciphering a special PDF file header.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

libvips

Published

2025-09-29

Last Modified

2026-02-24

References

https://github.com/libvips/libvips/commit/a58bfae9223a5466cc81ba9fe6dfb08233cf17d1 https://github.com/libvips/libvips/releases/tag/v8.17.2 https://github.com/libvips/libvips/security/advisories/GHSA-q8px-4w5q-c2r4

Patch

https://www.libvips.org/