MiracleLinux 7 : libwebp-0.3.0-10.el7 (AXSA:2021-1858:01)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-1858:01 advisory. libwebp: heap-based buffer overflow in PutLE16 CVE-2018-25011 libwebp: heap-based buffer overflow in WebPDecodeInto functions CVE-2020-36328 libwebp...

MiracleLinux 8 : libwebp-1.0.0-3.el8 (AXSA:2021-2201:02)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2201:02 advisory. libwebp: heap-based buffer overflow in PutLE16 CVE-2018-25011 libwebp: heap-based buffer overflow in WebPDecodeInto functions CVE-2020-36328 libwebp...

Alibaba Cloud Linux 3 : 0038: libwebp (ALINUX3-SA-2021:0038)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2021:0038 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2018-25011: A flaw was found in libweb...

ROS-2-1453

2.1453 Multiple vulnerabilities in libwebp 1. Vulnerability description: CVE-2020-36332 A vulnerability in the libwebp library for encoding and decoding WebP images, is related to improper control of internal resource consumption. Exploitation of the vulnerability could allow an attacker acting...

NewStart CGSL CORE 5.05 / MAIN 5.05 : qt5-qtimageformats Multiple Vulnerabilities (NS-SA-2022-0032)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has qt5-qtimageformats packages installed that are affected by multiple vulnerabilities: - A flaw was found in libwebp in versions before 1.0.1. A heap-based buffer overflow was found in PutLE16. The highest threat from this...

EulerOS 2.0 SP2 : libwebp (EulerOS-SA-2021-2403)

According to the versions of the libwebp package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds read was found in function ChunkAssignData. The highest threat from this...

ROS-2-692

2.692 Multiple vulnerabilities in libwebp 1. Vulnerability Description: CVE-2020-36332 A vulnerability in the libwebp library for encoding and decoding WebP images, is related to improper control of internal resource consumption. Exploitation of the vulnerability could allow an attacker acting...

ROS-2-1486

2.1486 Multiple vulnerabilities in libwebp 1. Vulnerability Description: CVE-2020-36332 A vulnerability in the libwebp library for encoding and decoding WebP images, is related to improper control of internal resource consumption. Exploitation of the vulnerability could allow an attacker acting...

openSUSE 15 Security Update : libwebp (openSUSE-SU-2021:1860-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:1860-1 advisory. - A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds read was found in function WebPMuxCreateInternal. The highest thre...

openSUSE: Security Advisory for libwebp (openSUSE-SU-2021:1860-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Security update for libwebp (critical)

openSUSE Security Update: Security update for libwebp Announcement ID: openSUSE-SU-2021:1860-1 Rating: critical References: 1185652 1185654 1185673 1185674 1185685 1185686 1185688 1185690 1185691 1186247 Cross-References: CVE-2018-25009 CVE-2018-25010 CVE-2018-25011 CVE-2018-25012 CVE-2018-25013...

Important: libwebp

Issue Overview: A flaw was found in libwebp. A heap-based buffer overflow was found in PutLE16. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. CVE-2018-25011 A flaw was found in libwebp in versions before 1.0.1. A heap-based...

EulerOS Virtualization for ARM 64 3.0.2.0 : libwebp (EulerOS-SA-2021-2104)

According to the versions of the libwebp package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - A flaw was found in libwebp. An out-of-bounds read was found in function ChunkAssignData. The highest threat from this...

Amazon Linux 2 : qt5-qtimageformats (ALAS-2021-1679)

The version of qt5-qtimageformats installed on the remote host is prior to 5.9.2-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2021-1679 advisory. A flaw was found in libwebp. A heap-based buffer overflow was found in PutLE16. The highest threat from this...

CentOS 8 : libwebp (CESA-2021:2354)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2021:2354 advisory. - libwebp: heap-based buffer overflow in PutLE16 CVE-2018-25011 - libwebp: heap-based buffer overflow in WebPDecodeInto functions CVE-2020-36328 -...

USN-4971-1: libwebp vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description It was discovered that libwebp incorrectly handled certain malformed images. If a user or automated system were tricked into opening a specially crafted image file, a remote attacker could use this issue ...

[SECURITY] [DSA 4930-1] libwebp security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4930-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff June 10, 2021 https://www.debian.org/security/faq -...

Ubuntu 16.04 ESM : libwebp vulnerabilities (USN-4971-2)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4971-2 advisory. USN-4971-1 fixed several vulnerabilities in libwebp. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Tenable has...

Oracle Linux 8 : libwebp (ELSA-2021-2354)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-2354 advisory. 1.0.0-3 - Added fixes for rhbz1956829, rhbz1956843, rhbz1956919 Tenable has extracted the preceding description block directly from the Oracle Linux...

RHEL 8 : libwebp (RHSA-2021:2364)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:2364 advisory. The libwebp packages provide a library and tools for the WebP graphics format. WebP is an image format with a lossy compression of digital...