ASB-A-299477569

In BuildHuffmanTable of huffmanutils.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

Heap Buffer Overflow

various libraries that include webp are vulnerable to Heap Buffer Overflow. The vulnerability is caused by an out of bounds heap memory write in a function BuildHuffmanTable in file src/dec/vp8ldec.c in library libwebp. This can potentially overwrite adjacent memory and corrupt data and can be...

Heap Buffer Overflow

libwebp.so is vulnerable to Out Of Bounds Memory Write. The vulnerability is due to the BuildHuffmanTable function in src/dec/vp8ldec.c improperly allocating memory to the table when parsing a stream, which results in an application crash or Arbitrary Code Execution when reading a crafted webp...

RUSTSEC-2023-0061 libwebp: OOB write in BuildHuffmanTable

Google and Mozilla have released security advisories for RCE due to heap overflow in libwebp. Google warns the vulnerability has been exploited in the wild. libwebp needs to be updated to 1.3.2 to include a patch for "OOB write in BuildHuffmanTable"...

RUSTSEC-2023-0060 libwebp: OOB write in BuildHuffmanTable

Google and Mozilla have released security advisories for RCE due to heap overflow in libwebp. Google warns the vulnerability has been exploited in the wild. libwebp needs to be updated to 1.3.2 to include a patch for "OOB write in BuildHuffmanTable"...