MiracleLinux 8 : thunderbird-102.10.0-2.el8.ML.1 (AXSA:2023-5300:14)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-5300:14 advisory. Thunderbird: Revocation status of S/Mime recipient certificates was not checked CVE-2023-0547 Mozilla: Matrix SDK bundled with Thunderbird vulnerabl...

Mozilla: libwebp: Double-free in libwebp

The Mozilla Foundation Security Advisory describes this flaw as: A double-free in libwebp could have led to memory corruption and a potentially exploitable crash...

libwebp: excessive memory allocation when reading a file

A flaw was found in libwebp. When reading a file libwebp allocates an excessive amount of memory. The highest threat from this vulnerability is to the service availability...

libwebp: use of uninitialized value in ReadSymbol()

A flaw was found in libwebp. An unitialized variable is used in function ReadSymbol. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

libwebp: use of uninitialized value in ReadSymbol()

A flaw was found in libwebp. An unitialized variable is used in function ReadSymbol. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

A flaw was found in libwebp in versions before 1.0.1. When reading a file libwebp allocates an excessive amount of memory. The highest threat from this vulnerability is to the service availability.

...