Advisory ROSA-SA-2025-3064

Software: libwebp 1.0.0 OS: ROSA Virtualization 2.1 unaffected versions = libwebp-1.0.0.0-10.0.1.rv3 affected versions libwebp-1.0.0.0-10.0.1.rv3 CVE-ID: CVE-2023-4863 BDU-ID: TO600, TO601, TO675, TO797, TO826 CVE-Crit: CRITICAL CVE-DESC.: A vulnerability in the libwebp library for WebP image...

The vulnerability of the OpenJPEG library for image encoding and decoding, related to uncontrolled resource consumption, allows a perpetrator to cause a service failure.

The vulnerability of the OpenJPEG library for image encoding and decoding is related to uncontrolled resource consumption. Exploiting this vulnerability can allow an attacker to cause a service failure using a specially created file...

The vulnerability of the OpenJPEG library for image encoding and decoding, which arises due to insufficient validation of input data, allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability in the src/lib/openjp2/t2.c file of the OpenJPEG image encoding and decoding library exists due to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected...