Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
webmproject libwebp vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-4863
Heap buffer overflow in libwebp in Google Chrome before 116.0.5845.187 and libwebp 1.3.2 allowed a remote malicious user to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical)
Google Chrome
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Fedoraproject Fedora 39
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
Mozilla Firefox
Mozilla Thunderbird
Mozilla Firefox Esr
Microsoft Edge
Webmproject Libwebp
20 Github repositories
5 Articles
NA
CVE-2023-1999
There exists a use after free/double free in libwebp. An attacker can use the ApplyFiltersAndEncode() function and loop through to free best.bw and assign best = trial pointer. The second loop will then return 0 because of an Out of memory error in VP8 encoder, the pointer is sti...
Webmproject Libwebp
570
VMScore
CVE-2020-36330
A flaw was found in libwebp in versions prior to 1.0.1. An out-of-bounds read was found in function ChunkVerifyAndAssign. The highest threat from this vulnerability is to data confidentiality and to the service availability.
Webmproject Libwebp
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Redhat Enterprise Linux 8.0
Netapp Ontap Select Deploy Administration Utility -
Apple Ipados
Apple Iphone Os
570
VMScore
CVE-2020-36331
A flaw was found in libwebp in versions prior to 1.0.1. An out-of-bounds read was found in function ChunkAssignData. The highest threat from this vulnerability is to data confidentiality and to the service availability.
Webmproject Libwebp
Redhat Enterprise Linux 8.0
Netapp Ontap Select Deploy Administration Utility -
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Apple Iphone Os
Apple Ipados
570
VMScore
CVE-2018-25010
A heap-based buffer overflow was found in libwebp in versions prior to 1.0.1 in ApplyFilter().
Webmproject Libwebp
Redhat Enterprise Linux 8.0
1 Github repository
570
VMScore
CVE-2018-25009
A heap-based buffer overflow was found in libwebp in versions prior to 1.0.1 in GetLE16().
Webmproject Libwebp
Redhat Enterprise Linux 8.0
570
VMScore
CVE-2018-25012
A heap-based buffer overflow was found in libwebp in versions prior to 1.0.1 in GetLE24().
Webmproject Libwebp
Redhat Enterprise Linux 8.0
570
VMScore
CVE-2018-25013
A heap-based buffer overflow was found in libwebp in versions prior to 1.0.1 in ShiftBytes().
Webmproject Libwebp
Redhat Enterprise Linux 8.0
668
VMScore
CVE-2018-25014
A use of uninitialized value was found in libwebp in versions prior to 1.0.1 in ReadSymbol().
Webmproject Libwebp
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 8.0
668
VMScore
CVE-2020-36328
A flaw was found in libwebp in versions prior to 1.0.1. A heap-based buffer overflow in function WebPDecodeRGBInto is possible due to an invalid check for buffer size. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availabili...
Webmproject Libwebp
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 8.0
Netapp Ontap Select Deploy Administration Utility -
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Apple Ipados 14.7
Apple Iphone Os 14.7
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
denial of service
CVE-2024-27371
CVE-2024-20405
CVE-2024-31627
CVE-2024-31625
race condition
CVE-2024-4358
cross-site scripting
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »