2 matches found
CVE-2025-40779
If a DHCPv4 client sends a request with some specific options, and Kea fails to find an appropriate subnet for the client, the kea-dhcp4 process will abort with an assertion failure. This happens only if the client request is unicast directly to Kea; broadcast messages do not cause the problem...
CVE-2025-52456
A memory corruption vulnerability exists in the WebP Image Decoding functionality of the SAIL Image Decoding Library v0.9.8. When loading a specially crafted .webp animation an integer overflow can be made to occur when calculating the stride for decoding. Afterwards, this will cause a heap-based...