
768 matches found

Tenable Nessus
added 2023/09/12 12:00 a.m., 26 views

Microsoft Edge (Chromium) < 116.0.1938.81 (CVE-2023-4863)

The version of Microsoft Edge installed on the remote Windows host is prior to 116.0.1938.81. It is, therefore, affected by a vulnerability as referenced in the September 12, 2023 advisory. - Heap buffer overflow in WebP in Google Chrome prior to 116.0.5845.187 allowed a remote attacker to perfor...

8.8 CVSS, 7.5 AI score, 0.99739 EPSS
Exploits 9, References 3

Mozilla
added 2023/09/12 12:00 a.m., 96 views

Security Vulnerability fixed in Firefox 117.0.1, Firefox ESR 115.2.1, Firefox ESR 102.15.1, Thunderbird 102.15.1, and Thunderbird 115.2.2 — Mozilla

Opening a malicious WebP image could lead to a heap buffer overflow in the content process. We are aware of this issue being exploited in other products in the wild. Note: This advisory was previously also tracked as CVE-2023-5129...

8.8 CVSS, 8.9 AI score, 0.99739 EPSS
Exploits 9, References 3, Affected Software 3

Snyk
added 2023/09/11 9:00 p.m., 3 views

Heap-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow when the ReadHuffmanCodes function is used. An attacker can craft a special WebP lossless file that triggers the ReadHuffmanCodes function to allocate the HuffmanCode buffer with a size that comes from an arra...

9.6 CVSS, 7.1 AI score, 0.99739 EPSS
Exploits 9, References 3

Snyk
added 2023/09/11 9:00 p.m., 2 views

Heap-based Buffer Overflow

Overview Magick.NET.Core is a .NET library for ImageMagick Affected versions of this package are vulnerable to Heap-based Buffer Overflow when the ReadHuffmanCodes function is used. An attacker can craft a special WebP lossless file that triggers the ReadHuffmanCodes function to allocate the...

9.6 CVSS, 8 AI score, 0.99739 EPSS
Exploits 9, References 3

Snyk
added 2023/09/11 9:00 p.m., 3 views

Heap-based Buffer Overflow

Overview CefSharp.Common is the CefSharp Chromium-based browser component 'Core' and common 'Element' components, needed by both WPF and WinForms. Affected versions of this package are vulnerable to Heap-based Buffer Overflow when the ReadHuffmanCodes function is used. An attacker can craft a...

9.6 CVSS, 9.2 AI score, 0.99739 EPSS
Exploits 9, References 3

Snyk
added 2023/09/11 9:00 p.m., 1 views

Heap-based Buffer Overflow

Overview ImageResizer.Plugins.FreeImage is an ImageResizer.Plugins.FreeImage contains several plugins, all based around the abilities offered by the C/C++ FreeImage library. These plugins are alpha-level. Affected versions of this package are vulnerable to Heap-based Buffer Overflow when the...

9.6 CVSS, 7.2 AI score, 0.99739 EPSS
Exploits 9, References 3

VulnCheck KEV
added 2023/09/06 12:00 a.m., 5 views

VulnCheck KEV: CVE-2023-4863

Google Chromium WebP contains a heap-based buffer overflow vulnerability that allows a remote attacker to perform an out-of-bounds memory write via a crafted HTML page. This vulnerability can affect applications that use the WebP Codec...

8.8 CVSS, 7.2 AI score, 0.99739 EPSS
Exploits 9, References 1

Tenable Nessus
added 2023/09/06 12:00 a.m., 22 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : exempi (SUSE-SU-2023:3518-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:3518-1 advisory. - Buffer Overflow vulnerability in WEBPSupport.cpp in exempi 2.5.0 and earlier allows remote attackers to...

6.5 CVSS, 6.8 AI score, 0.00797 EPSS
Exploits 1, References 4

RedhatCVE
added 2023/08/29 1:15 p.m., 16 views

CVE-2020-18652

A buffer overflow flaw was found in the exempi package. This issue occurs in WEBPSupport.cpp and may allow remote attackers to cause a denial of service via opening a crafted webp file. Mitigation Mitigation for this issue is either not available or the currently available options don't meet the...

6.5 CVSS, 6.4 AI score, 0.00797 EPSS
Exploits 1, References 5

SUSE CVE
added 2023/08/24 2:30 a.m., 3 views

SUSE CVE-2020-18652

Buffer Overflow vulnerability in WEBPSupport.cpp in exempi 2.5.0 and earlier allows remote attackers to cause a denial of service via opening of crafted webp file...

5.3 CVSS, 6.8 AI score, 0.00797 EPSS
Exploits 1, References 4

OSV
added 2023/08/22 7:15 p.m., 0 views

DEBIAN-CVE-2020-18652

Buffer Overflow vulnerability in WEBPSupport.cpp in exempi 2.5.0 and earlier allows remote attackers to cause a denial of service via opening of crafted webp file...

6.5 CVSS, 6.7 AI score, 0.00797 EPSS
Exploits 1, References 1

Prion
added 2023/08/22 7:15 p.m., 17 views

Buffer overflow

Buffer Overflow vulnerability in WEBPSupport.cpp in exempi 2.5.0 and earlier allows remote attackers to cause a denial of service via opening of crafted webp file...

4.3 CVSS, 6.3 AI score, 0.00797 EPSS
Exploits 1, References 3, Affected Software 1

OSV
added 2023/08/22 7:15 p.m., 2 views

UBUNTU-CVE-2020-18652

Buffer Overflow vulnerability in WEBPSupport.cpp in exempi 2.5.0 and earlier allows remote attackers to cause a denial of service via opening of crafted webp file...

6.5 CVSS, 7.1 AI score, 0.00797 EPSS
Exploits 1, References 2

Vulnrichment
added 2023/08/22 12:00 a.m., 11 views

CVE-2020-18652

Buffer Overflow vulnerability in WEBPSupport.cpp in exempi 2.5.0 and earlier allows remote attackers to cause a denial of service via opening of crafted webp file...

6.7 AI score, 0.00797 EPSS
Exploits 1, References 3

Cvelist
added 2023/08/22 12:00 a.m., 22 views

CVE-2020-18652

Buffer Overflow vulnerability in WEBPSupport.cpp in exempi 2.5.0 and earlier allows remote attackers to cause a denial of service via opening of crafted webp file...

6.3 AI score, 0.00797 EPSS
Exploits 1, References 3

CNNVD
added 2023/08/22 12:00 a.m., 2 views

exempi buffer error vulnerability

exempi is an open source XMP library from libopenraw. A security vulnerability exists in exempi version 2.5.0 and earlier versions, which stems from a buffer overflow vulnerability in WEBPSupport.cpp...

6.5 CVSS, 7 AI score, 0.00797 EPSS
Exploits 1, References 5

Debian CVE
added 2023/08/22 12:00 a.m., 26 views

CVE-2020-18652

Buffer Overflow vulnerability in WEBPSupport.cpp in exempi 2.5.0 and earlier allows remote attackers to cause a denial of service via opening of crafted webp file...

6.5 CVSS, 6.8 AI score, 0.00797 EPSS
Exploits 1

CVE
added 2023/08/22 12:00 a.m., 127 views

CVE-2020-18652

CVE-2020-18652 is a buffer overflow vulnerability in exempi’s WEBP_Support.cpp (affected in exempi 2.5.0 and earlier) that allows remote denial of service by opening a crafted webp file. Connected advisories from MiracleLinux, TencentOS, Rocky Linux, Oracle Linux, Red Hat, AlmaLinux, CentOS, etc....

6.5 CVSS, 6.2 AI score, 0.00797 EPSS
Exploits 1, References 3, Affected Software 1

Positive Technologies
added 2023/08/22 12:00 a.m., 4 views

PT-2023-11505 · Exempi +6

Name of the Vulnerable Software and Affected Versions: exempi versions 2.5.0 and earlier Description: The issue allows remote attackers to cause a denial of service via the opening of crafted webp files. This is due to a Buffer Overflow vulnerability in the WEBP Support.cpp file. Recommendations:...

9.3 CVSS, 5.9 AI score, 0.05409 EPSS
Exploits 2, References 85

Cent OS
added 2023/07/27 2:42 p.m., 952 views

libwebp security update

CentOS Errata and Security Advisory CESA-2023:2077 An update for libwebp is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

7.5 CVSS, 6.8 AI score, 0.00952 EPSS
Exploits 0, References 7