Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
webmproject libwebp vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2023-1999
There exists a use after free/double free in libwebp. An attacker can use the ApplyFiltersAndEncode() function and loop through to free best.bw and assign best = trial pointer. The second loop will then return 0 because of an Out of memory error in VP8 encoder, the pointer is sti...
Webmproject Libwebp
7.5
CVSSv3
CVE-2016-9969
In libwebp 0.5.1, there is a double free bug in libwebpmux.
Webmproject Libwebp 0.5.1
9.1
CVSSv3
CVE-2018-25009
A heap-based buffer overflow was found in libwebp in versions prior to 1.0.1 in GetLE16().
Webmproject Libwebp
Redhat Enterprise Linux 8.0
9.1
CVSSv3
CVE-2018-25010
A heap-based buffer overflow was found in libwebp in versions prior to 1.0.1 in ApplyFilter().
Webmproject Libwebp
Redhat Enterprise Linux 8.0
1 Github repository
9.1
CVSSv3
CVE-2018-25012
A heap-based buffer overflow was found in libwebp in versions prior to 1.0.1 in GetLE24().
Webmproject Libwebp
Redhat Enterprise Linux 8.0
9.1
CVSSv3
CVE-2018-25013
A heap-based buffer overflow was found in libwebp in versions prior to 1.0.1 in ShiftBytes().
Webmproject Libwebp
Redhat Enterprise Linux 8.0
9.8
CVSSv3
CVE-2018-25011
A heap-based buffer overflow was found in libwebp in versions prior to 1.0.1 in PutLE16().
Webmproject Libwebp
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 8.0
9.8
CVSSv3
CVE-2018-25014
A use of uninitialized value was found in libwebp in versions prior to 1.0.1 in ReadSymbol().
Webmproject Libwebp
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 8.0
7.5
CVSSv3
CVE-2020-36332
A flaw was found in libwebp in versions prior to 1.0.1. When reading a file libwebp allocates an excessive amount of memory. The highest threat from this vulnerability is to the service availability.
Webmproject Libwebp
Redhat Enterprise Linux 8.0
Debian Debian Linux 10.0
Netapp Ontap Select Deploy Administration Utility -
9.1
CVSSv3
CVE-2020-36330
A flaw was found in libwebp in versions prior to 1.0.1. An out-of-bounds read was found in function ChunkVerifyAndAssign. The highest threat from this vulnerability is to data confidentiality and to the service availability.
Webmproject Libwebp
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Redhat Enterprise Linux 8.0
Netapp Ontap Select Deploy Administration Utility -
Apple Ipados
Apple Iphone Os
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »