The vulnerability of Firefox browsers relates to the execution of operations beyond the buffer boundaries in memory, allowing an attacker to execute arbitrary code or cause a service failure.

The vulnerability of Firefox browsers stems from the issue of operations going beyond the buffer in memory when processing WebP format files. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause a service failure by using a specially created malicious web page...

Mozilla Firefox Security Advisory (MFSA2022-20) - Mac OS X

Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : Exempi vulnerabilities (USN-5483-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5483-1 advisory. It was discovered that Exempi incorrectly handled certain media files. If a user or automated system were tricked into opening a...

Mozilla Firefox Buffer Overflow Vulnerability (CNVD-2023-06866)

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. Mozilla Firefox suffers from a buffer overflow vulnerability that originates from a possible memory corruption when manipulating webp images. An attacker could use the vulnerability to cause...

Mozilla Firefox 资源管理错误漏洞

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. Mozilla Firefox suffers from a buffer overflow vulnerability that originates from a possible memory corruption when manipulating webp images. An attacker could use the vulnerability to cause...

Apple macOS ImageIO WebP File Parsing Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. Interaction with the ImageIO library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the parsing of...

Fedora: Security Advisory for libwebp (FEDORA-2022-6746739d52)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

The vulnerability of the ImageIO component in iOS, iPadOS, tvOS, watchOS, and macOS allows attackers to gain access to confidential information.

The vulnerability of the ImageIO component in iOS, iPadOS, tvOS, watchOS, and macOS relates to reading data beyond the buffer in memory. Exploiting this vulnerability can allow attackers to access confidential information through a specially created malicious WEBP file...

WordPress WebP Converter for Media plugin input validation error vulnerability

WordPress is the WordPress Foundation's set of blogging platforms developed using the PHP language. The platform supports the hosting of personal blogging sites on servers with PHP and MySQL.The WordPress plugin WebP Converter for Media prior to version 4.0.3 is vulnerable to an input validation...

WordPress WebP Converter for Media Plugin < 4.0.3 Open Redirect Vulnerability

The WordPress plugin Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it...

CVE-2021-25074

The WebP Converter for Media WordPress plugin before 4.0.3 contains a file passthru.php which does not validate the src parameter before redirecting the user to it, leading to an Open Redirect issue...

CVE-2021-25074

The WebP Converter for Media WordPress plugin before 4.0.3 contains a file passthru.php which does not validate the src parameter before redirecting the user to it, leading to an Open Redirect issue...

Open redirect

The WebP Converter for Media WordPress plugin before 4.0.3 contains a file passthru.php which does not validate the src parameter before redirecting the user to it, leading to an Open Redirect issue...

CVE-2021-25074 WebP Converter for Media < 4.0.3 - Unauthenticated Open redirect

The WebP Converter for Media WordPress plugin before 4.0.3 contains a file passthru.php which does not validate the src parameter before redirecting the user to it, leading to an Open Redirect issue...

CVE-2021-25074

The CVE-2021-25074 entry refers to the WordPress WebP Converter for Media plugin prior to version 4.0.3, where the passthru.php file does not validate the src parameter before redirecting, causing an Unauthenticated Open Redirect. The vulnerability affects the plugin’s WordPress integration and c...

WordPress plugin 输入验证错误漏洞

WordPress is the WordPress Foundation's set of blogging platforms developed using the PHP language. The platform supports the hosting of personal blogging sites on servers with PHP and MySQL.The WordPress plugin WebP Converter for Media prior to version 4.0.3 is vulnerable to an input validation...

CVE-2021-46104

An issue was discovered in webpservergo 0.4.0. There is a directory traversal vulnerability that can read arbitrary file information on the server...

Webp_Server_Go 路径遍历漏洞

WebpServerGo is a Go version of WebP Server. It is used to instantly compress Jpg/Png into WebP format. A path traversal vulnerability exists in WebpServerGo version 0.4.0, which stems from a lack of filtering and escaping of directory special characters in the software, resulting in a directory...

WebP Converter for Media < 4.0.3 - Unauthenticated Open redirect

The plugin contains a file passthru.php which does not validate the src parameter before redirecting the user to it, leading to an Open Redirect issue https://example.com/wp-content/plugins/webp-converter-for-media/includes/passthru.php?src=https://wpscan.com...

WordPress WebP Converter for Media plugin <= 4.0.2 - Unauthenticated Open redirect vulnerability

Unauthenticated Open redirect vulnerability discovered by Krzysztof Zając in WordPress WebP Converter for Media plugin versions = 4.0.2. Solution Update the WordPress WebP Converter for Media plugin to the latest available version at least 4.0.3...