2400373 – (CVE-2025-59933) CVE-2025-59933 libvips: libvips Buffer Over-Read

Bug 2400373 (CVE-2025-59933) - CVE-2025-59933 libvips: libvips Buffer Over-Read

Summary: CVE-2025-59933 libvips: libvips Buffer Over-Read

Keywords:
Status:	NEW
Alias:	CVE-2025-59933
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Product Security DevOps Team
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	2401081
Blocks:
TreeView+	depends on / blocked

Reported:	2025-09-29 23:01 UTC by OSIDB Bzimport
Modified:	2025-10-02 16:20 UTC (History)
CC List:	0 users
Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments	(Terms of Use)

Description OSIDB Bzimport 2025-09-29 23:01:37 UTC

libvips is a demand-driven, horizontally threaded image processing library. For versions 8.17.1 and below, when libvips is compiled with support for PDF input via poppler, the pdfload operation is affected by a buffer read overflow when parsing the header of a crafted PDF with a page that defines a width but not a height. Those using libvips compiled without support for PDF input are unaffected as well as thosewith support for PDF input via PDFium. This issue is fixed in version 8.17.2. A workaround for those affected is to block the VipsForeignLoadPdf operation via vips_operation_block_set, which is available in most language bindings, or to set VIPS_BLOCK_UNTRUSTED environment variable at runtime, which will block all untrusted loaders including PDF input via poppler.

Note You need to log in before you can comment on or make changes to this bug.