767 matches found

Redos
added 2021/12/24 12:0 a.m., 31 views

ROS-2-1352

2.1352 Multiple vulnerabilities in libwebp. 1. Vulnerability description: CVE-2020-36332: A vulnerability in the libwebp library for encoding and decoding WebP images is related to improper control of internal resource consumption. Exploitation of the vulnerability could allow an attacker acting...

9.8 CVSS, 8.7 AI score, 0.02558 EPSS
Exploits: 0

Redos
added 2021/12/24 12:0 a.m., 3 views

ROS-2-2215

2.2215 Multiple vulnerabilities in libwebp. 1. Vulnerability description: CVE-2020-36332: A vulnerability in the libwebp library for encoding and decoding WebP images is related to improper control of internal resource consumption. Exploitation of the vulnerability could allow an attacker acting...

9.8 CVSS, 8.7 AI score, 0.02558 EPSS
Exploits: 0

BDU FSTEC
added 2021/12/16 12:0 a.m., 4 views

The vulnerability of the ImageIO component in operating systems such as tvOS, iOS, iPadOS, and watchOS allows a hacker to execute arbitrary code.

The vulnerability of the ImageIO component in operating systems such as tvOS, iOS, iPadOS, and watchOS relates to the execution of operations outside of the buffer in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created malicious WEBP file...

7.8 CVSS, 7 AI score, 0.0112 EPSS
Exploits: 0, References: 6, Affected Software: 4

OSV
added 2021/11/23 8:15 p.m., 0 views

CVE-2021-24641

The Images to WebP WordPress plugin before 1.9 does not have CSRF checks in place when performing some administrative actions, which could result in modification of plugin settings, Denial-of-Service, as well as arbitrary image conversion...

8.1 CVSS, 7.4 AI score
Exploits: 0, References: 1

OSV
added 2021/11/23 8:15 p.m., 1 views

CVE-2021-24644

The Images to WebP WordPress plugin before 1.9 does not validate or sanitise the tab parameter before passing it to the include function, which could lead to a Local File Inclusion issue...

7.5 CVSS, 7.1 AI score, 0.05028 EPSS
Exploits: 2, References: 1

Prion
added 2021/11/23 8:15 p.m., 9 views

Design/Logic Flaw

The Images to WebP WordPress plugin before 1.9 does not validate or sanitise the tab parameter before passing it to the include function, which could lead to a Local File Inclusion issue...

5 CVSS, 7.5 AI score, 0.05028 EPSS
Exploits: 2, References: 1, Affected Software: 1

Cvelist
added 2021/11/23 7:16 p.m., 16 views

CVE-2021-24644 Images to WebP < 1.9 - Authenticated Local File Inclusion

The Images to WebP WordPress plugin before 1.9 does not validate or sanitise the tab parameter before passing it to the include function, which could lead to a Local File Inclusion issue...

7.7 AI score, 0.05028 EPSS
Exploits: 2, References: 1

EUVD
added 2021/11/23 7:16 p.m., 3 views

EUVD-2021-11556

The Images to WebP WordPress plugin before 1.9 does not validate or sanitise the tab parameter before passing it to the include function, which could lead to a Local File Inclusion issue...

7.5 CVSS, 7.5 AI score, 0.05028 EPSS
Exploits: 2, References: 1

CVE
added 2021/11/23 7:16 p.m., 53 views

CVE-2021-24644

CVE-2021-24644 affects the Images to WebP WordPress plugin (versions prior to 1.9). The root cause is that the tab parameter is not validated/sanitized before being passed to include(), enabling Local File Inclusion. Exploitation context in connected data indicates an authenticated LFI scenario, ...

7.5 CVSS, 7.5 AI score, 0.05028 EPSS
Exploits: 2, References: 1, Affected Software: 1

Cvelist
added 2021/11/23 7:16 p.m., 18 views

CVE-2021-24641 Images to WebP < 1.9 - Multiple Cross Site Request Forgery (CSRF)

The Images to WebP WordPress plugin before 1.9 does not have CSRF checks in place when performing some administrative actions, which could result in modification of plugin settings, Denial-of-Service, as well as arbitrary image conversion...

8.3 AI score, 0.00519 EPSS
Exploits: 2, References: 1

CNNVD
added 2021/11/23 12:0 a.m., 3 views

WordPress Path Traversal Vulnerability

WordPress is a blogging platform developed in PHP by the WordPress Foundation. The platform supports personal blog sites on PHP and MySQL servers. A path traversal vulnerability exists in the WordPress plugin that stems from the Images to WebP not validating or...

7.5 CVSS, 7.2 AI score, 0.05028 EPSS
Exploits: 2, References: 2

CNNVD
added 2021/11/23 12:0 a.m., 3 views

WordPress Cross-Site Request Forgery Vulnerability

WordPress is a blogging platform developed in PHP by the WordPress Foundation. The platform supports personal blog sites on servers running PHP and MySQL. A cross-site request forgery vulnerability exists in the WordPress plugin that stems from the Images to WebP...

8.1 CVSS, 7.7 AI score, 0.00519 EPSS
Exploits: 2, References: 2

Positive Technologies
added 2021/11/23 12:0 a.m., 2 views

PT-2021-16161

Name of the Vulnerable Software and Affected Versions: Images to WebP WordPress plugin versions prior to 1.9. Description: The issue concerns a Local File Inclusion problem due to insufficient validation or sanitization of the tab parameter before it is passed to the include function...

7.5 CVSS, 6.5 AI score, 0.05028 EPSS
Exploits: 2, References: 4

RedHat Linux
added 2021/11/09 6:44 p.m., 57 views

Moderate: Red Hat Security Advisory: libwebp security update

An update for libwebp is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from th...

9.8 CVSS, 6.8 AI score, 0.02302 EPSS
Exploits: 0, References: 10

RedHat Linux
added 2021/11/09 6:44 p.m., 9 views

libwebp: out-of-bounds read in WebPMuxCreateInternal()

A flaw was found in libwebp. An out-of-bounds read was found in function WebPMuxCreateInternal. The highest threat from this vulnerability is to data confidentiality and to the service availability...

9.1 CVSS, 7.3 AI score, 0.02051 EPSS
Exploits: 0, References: 4

Rockylinux
added 2021/11/09 8:47 a.m., 44 views

libwebp security update

An update is available for libwebp. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. The libwebp packages provide a library and tools for the WebP graphics format...

9.8 CVSS, 7.6 AI score, 0.02302 EPSS
Exploits: 0

BDU FSTEC
added 2021/10/27 12:0 a.m., 1 views

The vulnerability of the coders/webp.c component in the console-based image editing tool ImageMagick, which stems from the lack of checks for division by zero, allows a hacker to trigger a service failure.

The vulnerability of the coders/webp.c component in the console-based image editing tool ImageMagick is related to the lack of checks for division by zero. Exploiting this vulnerability could allow a remote attacker to cause a service failure...

7.1 CVSS, 6.2 AI score, 0.01205 EPSS
Exploits: 0, References: 14, Affected Software: 5

Patchstack
added 2021/10/19 12:0 a.m., 14 views

WordPress Images to WebP plugin <= 1.8 - Authenticated Local File Inclusion (LFI) vulnerability

Authenticated Local File Inclusion (LFI) vulnerability discovered by apple502j in WordPress Images to WebP plugin versions <= 1.8. Solution: Update the WordPress Images to WebP plugin to the latest available version (at least 1.9)...

7.5 CVSS, 2.2 AI score, 0.05028 EPSS
Exploits: 2, References: 3, Affected Software: 1

Patchstack
added 2021/10/19 12:0 a.m., 20 views

WordPress Image to WebP plugin <= 1.8 - Multiple Cross-Site Request Forgery (CSRF) vulnerabilities

Multiple Cross-Site Request Forgery (CSRF) vulnerabilities were discovered by apple502j in WordPress Image to WebP plugin versions <= 1.8. Solution: Update the WordPress Image to WebP plugin to the latest available version (at least 1.9)...

8.1 CVSS, 2.8 AI score, 0.00519 EPSS
Exploits: 2, References: 3, Affected Software: 1

WPVulnDB
added 2021/10/19 12:0 a.m., 17 views

Images to WebP < 1.9 - Authenticated Local File Inclusion

The plugin does not validate or sanitise the tab parameter before passing it to the include function, which could lead to a Local File Inclusion issue. PoC: Assuming WordPress installed at C:\xampp\htdocs\wordpress,...

7.5 CVSS, 0.1 AI score, 0.05028 EPSS
Exploits: 2, Affected Software: 1