CVE-2020-20739

Priority
Description
im_vips2dz in /libvips/libvips/deprecated/im_vips2dz.c in libvips before
8.8.2 has an uninitialized variable which may cause the leakage of remote
server path or stack address.
Notes
Package
Source: vips (LP Ubuntu Debian)
Upstream:released (8.9.0-1)
Ubuntu 18.04 LTS:needs-triage
Ubuntu 20.04 LTS:not-affected (8.9.1-2)
Ubuntu 21.10:not-affected
Ubuntu 22.04 LTS:not-affected
Ubuntu 14.04 ESM:DNE
Patches:
More Information

Updated: 2022-04-25 00:47:53 UTC (commit ecc1009cb19540b950de59270950018900f37f15)