cve/CVE-2019-6976.md at 4024663e83c70ac127726b49919178f8121c5338

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-28 09:12:08 +00:00

0xMarcio 48a00929ac Removed duplicates

2024-06-18 02:51:15 +02:00

Description

libvips before 8.7.4 generates output images from uninitialized memory locations when processing corrupted input image data because iofuncs/memory.c does not zero out allocated memory. This can result in leaking raw process memory contents through the output image.

POC

Reference

https://blog.silentsignal.eu/2019/04/18/drop-by-drop-bleeding-through-libvips/

Github

https://github.com/Tare05/TestEnvForEntropyCalc
https://github.com/fkie-cad/nvd-json-data-feeds

829 B Raw Blame History

CVE-2019-6976

Description

POC

Reference

Github

829 B

Raw Blame History