CVE-2026-3147: Improper Restriction of Operations within the Bounds of a Memory Buffer in Vips

Severity: 4.8 MEDIUM (NVD)
EPSS: 0.0% (top 93.96%)
CISA KEV: Not in KEV
Exploit: No known exploits
Affected products: see Affected Packages below
Timeline: Published Feb 25; latest update Mar 26

Description

A heap-based buffer overflow was found in libvips up to and including 8.18.0, in the function vips_foreign_load_csv_build in libvips/foreign/csvload.c (the CSV image loader). Per the CVSS vector the attack requires local access (AV:L) and low privileges (PR:L), with no user interaction; confidentiality, integrity and availability impact are each rated low. The exploit has been made public and could be used. The fix is commit b3ab458a25e0e261cbd1788474bbc763f7435780; apply the patch or upgrade to a release that contains it.

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

Affected Packages (3 packages)

NVD: libvips/libvips 8.18.0
CVEListV5: libvips/libvips, 19 versions
Debian: debian/vips, affected < 8.18.0-3 (forky)
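A version check against the ranges listed above, as an added example (not code from libvips, Debian or this page). The thresholds are taken from the page: upstream libvips up to and including 8.18.0 is affected, and Debian's fix lands in vips 8.18.0-3 on forky. The parsing of `vips --version` style strings is an assumption (it simply takes the first x.y.z triple), the Debian comparison is simplified (epochs are ignored, non-numeric revisions are rejected) and the sample strings are constructed. Other Debian suites may ship the fix under a different backported version, so consult the Debian tracker for those.

```python
"""Check libvips version strings against the affected ranges for CVE-2026-3147.

Added example; thresholds come from the advisory page, parsing logic is assumed.
"""
import re

# From the page: NVD lists libvips 8.18.0 as the last affected upstream release.
UPSTREAM_LAST_AFFECTED = (8, 18, 0)
# From the page: Debian vips < 8.18.0-3 (forky) is affected.
DEBIAN_FIXED_UPSTREAM = "8.18.0"
DEBIAN_FIXED_REVISION = 3


def parse_upstream(text):
    """Return the first x.y.z version in `text` as an int tuple.

    Assumption: `vips --version` output, or a bare package version, contains
    such a triple (e.g. the constructed sample 'vips-8.18.0').
    """
    m = re.search(r"(\d+)\.(\d+)\.(\d+)", text)
    if not m:
        raise ValueError("no x.y.z version found in %r" % text)
    return tuple(int(g) for g in m.groups())


def parse_debian(text):
    """Split a Debian version like '8.18.0-3' into (upstream, revision).

    Simplified: an optional epoch prefix ('2:') is dropped, and only a purely
    numeric Debian revision is accepted. Real dpkg ordering is richer than this.
    """
    m = re.fullmatch(r"(?:\d+:)?(\d+\.\d+\.\d+)-(\d+)", text.strip())
    if not m:
        raise ValueError("not a simple Debian version: %r" % text)
    return m.group(1), int(m.group(2))


def upstream_affected(version_text):
    """True if the upstream version is <= 8.18.0 (affected per NVD)."""
    return parse_upstream(version_text) <= UPSTREAM_LAST_AFFECTED


def debian_affected(version_text):
    """True if the Debian package version sorts before 8.18.0-3.

    Upstream part is compared first; the Debian revision only decides the
    result when the upstream part equals the fixed upstream version.
    """
    upstream, revision = parse_debian(version_text)
    have = parse_upstream(upstream)
    fixed = parse_upstream(DEBIAN_FIXED_UPSTREAM)
    if have != fixed:
        return have < fixed
    return revision < DEBIAN_FIXED_REVISION


if __name__ == "__main__":
    # Constructed samples, not real command output.
    for sample in ("vips-8.17.2", "vips-8.18.0", "vips-8.18.1"):
        print(sample, "affected" if upstream_affected(sample) else "ok")
    for sample in ("8.18.0-2", "8.18.0-3", "8.17.1-1", "8.18.1-1"):
        print("debian", sample, "affected" if debian_affected(sample) else "ok")
```

On a Debian host the input for `debian_affected` is the output of `dpkg-query -W -f='${Version}' <package>` for the installed vips binary package; on other systems, feed `upstream_affected` the output of `vips --version`.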

Patches

🔴Vulnerability Details
GHSA
GHSA: GHSA-55xf-4pmg-v3xm: A vulnerability was found in libvips up to 8... (2026-02-25)
OSV: CVE-2026-3147: A vulnerability was found in libvips up to 8... (2026-02-25)

📋Vendor Advisories (1)

Debian: CVE-2026-3147: vips - A vulnerability was found in libvips up to 8.18.0. This affects the function vip... (2026)

🕵️Threat Intelligence (1)

Wiz: CVE-2026-3147 Impact, Exploitability, and Mitigation Steps | Wiz
CVE-2026-3147 — Debian Vips vulnerability | cvebase