CVE-2026-3284 | libvips 8.19.0 extract.c vips_extract_area_build extract_area integer overflow (Issue 4879)

Inserito da Angelo Barbosa | Feb 26, 2026 | CVE

A vulnerability classified as problematic was found in libvips 8.19.0. Impacted is the function vips_extract_area_build of the file libvips/conversion/extract.c. The manipulation of the argument extract_area results in integer overflow.

This vulnerability is reported as CVE-2026-3284. The attack requires a local approach. Moreover, an exploit is present.

It is advisable to implement a patch to correct this issue.

CVE-2026-3284 | libvips 8.19.0 extract.c vips_extract_area_build extract_area integer overflow (Issue 4879)

Post correlati

CVE-2024-42181 | HCL DRYiCE MyXalytics 6.3 Communication Channel cleartext transmission (KB0118149)

CVE-2025-5884 | Konica Minolta bizhub up to 20250202 Display MFP Information List Model Name cross site scripting

CVE-2024-4805 | Kashipara College Management System 1.0 edit_faculty.php id sql injection

CVE-2025-6572 | OpenStreetMap for Gutenberg and WPBakery Page Builder Plugin Block Option cross site scripting