NewStart CGSL MAIN 6.02 : libwebp Multiple Vulnerabilities (NS-SA-2022-0091)

The remote NewStart CGSL host, running version MAIN 6.02, has libwebp packages installed that are affected by multiple vulnerabilities: - A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in GetLE16. CVE-2018-25009 - A heap-based buffer overflow was found in libwebp in...

CVE-2018-25009

A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in GetLE16...

CVE-2018-25009

A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in GetLE16...

Heap overflow

A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in GetLE16...

CVE-2018-25009

A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in GetLE16...

CVE-2018-25009

A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in GetLE16...

CVE-2018-25009

CVE-2018-25009 is a heap-based buffer overflow in libwebp GetLE16() affecting versions before 1.0.1. The issue can lead to memory corruption with potential impact on confidentiality/availability. Mitigation: upgrade libwebp to 1.0.1 or later; several advisories document this fix across distributi...

CVE-2018-25009

A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in GetLE16...

libwebp/fuzz_demux_api: Heap-buffer-overflow in GetLE16

Project: https://chromium.googlesource.com/webm/libwebp Detailed report: https://oss-fuzz.com/testcase?key=5660739309142016 Project: libwebp Fuzzer: libFuzzerlibwebpfuzzdemuxapi Fuzz target binary: fuzzdemuxapi Job Type: libfuzzerasanlibwebp Platform Id: linux Crash Type: Heap-buffer-overflow REA...