CVE-2023-40032 - Vulnerability Details - OpenCVE

ReportizFlow

libvips is a demand-driven, horizontally threaded image processing library. A specially crafted SVG input can cause libvips versions 8.14.3 or earlier to segfault when attempting to parse a malformed UTF-8 character. Users should upgrade to libvips version 8.14.4 (or later) when processing untrusted input.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Libvips	Libvips

Configuration 1 [-]

cpe:2.3:a:libvips:libvips:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://github.com/libvips/libvips/commit/e091d65835966ef56d53a4105a7362cafdb1582b
https://github.com/libvips/libvips/pull/3604
https://github.com/libvips/libvips/security/advisories/GHSA-33qp-9pq7-9584
https://lists.fedoraproject.org/archives/list/[email protected]/message/YU2FFC47X2XDEGEHEWAGLU5L3R6FEYD2/

History

No history.

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2023-09-11T18:34:59.025Z

Updated: 2024-08-02T18:24:54.896Z

Reserved: 2023-08-08T13:46:25.244Z

Link: CVE-2023-40032

Vulnrichment

No data.

NVD

Status : Modified

Published: 2023-09-11T19:15:43.603

Modified: 2024-11-21T08:18:33.757

Link: CVE-2023-40032

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-40032", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2023-08-08T13:46:25.244Z", "datePublished": "2023-09-11T18:34:59.025Z", "dateUpdated": "2024-08-02T18:24:54.896Z"}, "containers": {"cna": {"title": "Potential segfault due to NULL pointer dereference in libvips", "problemTypes": [{"descriptions": [{"cweId": "CWE-476", "lang": "en", "description": "CWE-476: NULL Pointer Dereference", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}}], "references": [{"name": "https://github.com/libvips/libvips/security/advisories/GHSA-33qp-9pq7-9584", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/libvips/libvips/security/advisories/GHSA-33qp-9pq7-9584"}, {"name": "https://github.com/libvips/libvips/pull/3604", "tags": ["x_refsource_MISC"], "url": "https://github.com/libvips/libvips/pull/3604"}, {"name": "https://github.com/libvips/libvips/commit/e091d65835966ef56d53a4105a7362cafdb1582b", "tags": ["x_refsource_MISC"], "url": "https://github.com/libvips/libvips/commit/e091d65835966ef56d53a4105a7362cafdb1582b"}, {"url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/YU2FFC47X2XDEGEHEWAGLU5L3R6FEYD2/"}], "affected": [{"vendor": "libvips", "product": "libvips", "versions": [{"version": "< 8.14.4", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2023-09-11T18:34:59.025Z"}, "descriptions": [{"lang": "en", "value": "libvips is a demand-driven, horizontally threaded image processing library. A specially crafted SVG input can cause libvips versions 8.14.3 or earlier to segfault when attempting to parse a malformed UTF-8 character. Users should upgrade to libvips version 8.14.4 (or later) when processing untrusted input.\n"}], "source": {"advisory": "GHSA-33qp-9pq7-9584", "discovery": "UNKNOWN"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T18:24:54.896Z"}, "title": "CVE Program Container", "references": [{"name": "https://github.com/libvips/libvips/security/advisories/GHSA-33qp-9pq7-9584", "tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/libvips/libvips/security/advisories/GHSA-33qp-9pq7-9584"}, {"name": "https://github.com/libvips/libvips/pull/3604", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/libvips/libvips/pull/3604"}, {"name": "https://github.com/libvips/libvips/commit/e091d65835966ef56d53a4105a7362cafdb1582b", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/libvips/libvips/commit/e091d65835966ef56d53a4105a7362cafdb1582b"}, {"url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/YU2FFC47X2XDEGEHEWAGLU5L3R6FEYD2/", "tags": ["x_transferred"]}]}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:libvips:libvips:*:*:*:*:*:*:*:*", "matchCriteriaId": "282AC9B5-16D4-4CA8-90BF-B15E00CF0DF9", "versionEndExcluding": "8.14.4", "versionStartIncluding": "8.12.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "libvips is a demand-driven, horizontally threaded image processing library. A specially crafted SVG input can cause libvips versions 8.14.3 or earlier to segfault when attempting to parse a malformed UTF-8 character. Users should upgrade to libvips version 8.14.4 (or later) when processing untrusted input.\n"}, {"lang": "es", "value": "libvips es una librer\u00eda de procesamiento de im\u00e1genes con subprocesos horizontales y basada en la demanda. Una entrada SVG manipulada puede provocar que las versiones 8.14.3 o anteriores de libvips generen un error de segmentaci\u00f3n al intentar analizar un car\u00e1cter UTF-8 con formato incorrecto. Los usuarios deben actualizar a libvips versi\u00f3n 8.14.4 (o posterior) cuando procesen entradas que no sean de confianza."}], "id": "CVE-2023-40032", "lastModified": "2024-11-21T08:18:33.757", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "[email protected]", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "[email protected]", "type": "Primary"}]}, "published": "2023-09-11T19:15:43.603", "references": [{"source": "[email protected]", "tags": ["Patch"], "url": "https://github.com/libvips/libvips/commit/e091d65835966ef56d53a4105a7362cafdb1582b"}, {"source": "[email protected]", "tags": ["Patch"], "url": "https://github.com/libvips/libvips/pull/3604"}, {"source": "[email protected]", "tags": ["Mitigation", "Patch", "Vendor Advisory"], "url": "https://github.com/libvips/libvips/security/advisories/GHSA-33qp-9pq7-9584"}, {"source": "[email protected]", "url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/YU2FFC47X2XDEGEHEWAGLU5L3R6FEYD2/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://github.com/libvips/libvips/commit/e091d65835966ef56d53a4105a7362cafdb1582b"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://github.com/libvips/libvips/pull/3604"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mitigation", "Patch", "Vendor Advisory"], "url": "https://github.com/libvips/libvips/security/advisories/GHSA-33qp-9pq7-9584"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/YU2FFC47X2XDEGEHEWAGLU5L3R6FEYD2/"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-476"}], "source": "[email protected]", "type": "Secondary"}]}