Lucene search
K

59 matches found

BDU FSTEC
BDU FSTEC
added 2021/06/18 12:0 a.m.4 views

The vulnerability of the libwebp library regarding the encoding and decoding of WebP images, which involves reading beyond the buffer in memory, allows attackers to access confidential information.

The vulnerability of the libwebp library for encoding and decoding WebP images is related to reading beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a remote attacker to gain access to confidential information by creating a specially crafted file...

4.2CVSS7.9AI score0.02051EPSS
Exploits0References14Affected Software5
BDU FSTEC
BDU FSTEC
added 2021/06/18 12:0 a.m.6 views

The vulnerability of the libwebp library regarding the encoding and decoding of WebP images allows for uncontrolled resource consumption, enabling attackers to cause service failures.

The vulnerability of the libwebp library for encoding and decoding WebP images is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a remote attacker to cause service interruptions...

5CVSS7.5AI score0.01966EPSS
Exploits0References11Affected Software4
BDU FSTEC
BDU FSTEC
added 2021/06/18 12:0 a.m.5 views

The vulnerability of the libwebp library regarding the encoding and decoding of WebP images, which is related to buffer overflow in the “heap”, allows attackers to execute arbitrary code.

The vulnerability of the libwebp library for encoding and decoding WebP images is related to buffer overflow in the “bucket” mechanism. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code by creating a specially crafted file...

10CVSS8.6AI score0.02662EPSS
Exploits0References13Affected Software5
BDU FSTEC
BDU FSTEC
added 2021/06/18 12:0 a.m.6 views

The vulnerability of the libwebp library lies in its ability to encode and decode WebP images, which involves the use of an uninitialized variable. This allows attackers to execute arbitrary code.

The vulnerability of the libwebp library for encoding and decoding WebP images is related to the use of an uninitialized variable. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

10CVSS8.1AI score0.0223EPSS
Exploits0References13Affected Software5
Veracode
Veracode
added 2021/06/11 10:31 a.m.29 views

Arbitrary Code Execution

libwebp is vulnerable to arbitrary code execution. A heap-based buffer overflow in the function WebPDecodeRGBInto allows an attacker to execute arbitrary code on the host OS...

9.8CVSS4.1AI score0.02662EPSS
Exploits0References9Affected Software2
RedHat Linux
RedHat Linux
added 2021/06/09 1:55 p.m.9 views

libwebp: heap-based buffer overflow in PutLE16()

A flaw was found in libwebp. A heap-based buffer overflow was found in PutLE16. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

9.8CVSS7.5AI score0.02513EPSS
Exploits0References4
OSV
OSV
added 2021/06/01 11:29 a.m.3 views

USN-4971-1 libwebp vulnerabilities

It was discovered that libwebp incorrectly handled certain malformed images. If a user or automated system were tricked into opening a specially crafted image file, a remote attacker could use this issue to cause libwebp to crash, resulting in a denial of service, or possibly execute arbitrary co...

9.8CVSS7.2AI score0.02662EPSS
Exploits0References12
CNVD
CNVD
added 2021/05/24 12:0 a.m.10 views

Libwebp out-of-bounds read vulnerability (CNVD-2021-37659)

Libwebp is a WebP image format encoding and decoding library . A security vulnerability exists in versions of Libwebp prior to 1.0.1. An attacker could exploit the vulnerability to threaten data confidentiality and service availability...

9.1CVSS6.7AI score0.021EPSS
Exploits0References1
CNVD
CNVD
added 2021/05/24 12:0 a.m.12 views

Libwebp out-of-bounds read vulnerability (CNVD-2021-37657)

Libwebp is a WebP image format encoding and decoding library . A security vulnerability exists in versions of Libwebp prior to 1.0.1. An attacker could exploit the vulnerability to threaten data confidentiality and service availability...

9.1CVSS6.7AI score0.02302EPSS
Exploits0References1
CNVD
CNVD
added 2021/05/24 12:0 a.m.8 views

Libwebp out-of-bounds read vulnerability (CNVD-2021-37654)

Libwebp is a WebP image format encoding and decoding library . An out-of-bounds read vulnerability exists in Libwebp versions prior to 1.0.1. An attacker could exploit the vulnerability to threaten data confidentiality and service availability...

9.1CVSS6.5AI score0.0223EPSS
Exploits0References1
CNVD
CNVD
added 2021/05/24 12:0 a.m.7 views

Libwebp out-of-bounds read vulnerability (CNVD-2021-37661)

Libwebp is a WebP image format encoding and decoding library . A security vulnerability exists in versions of Libwebp prior to 1.0.1. An attacker could exploit the vulnerability to threaten data confidentiality and service availability...

9.1CVSS6.7AI score0.02051EPSS
Exploits0References1
CNVD
CNVD
added 2021/05/24 12:0 a.m.12 views

Libwebp Reuse After Release Vulnerability

Libwebp is a WebP image format encoding and decoding library . A post-release reuse vulnerability exists in Libwebp versions prior to 1.0.1. An attacker could exploit this vulnerability to affect confidentiality, integrity, and availability...

9.8CVSS6.6AI score0.02319EPSS
Exploits0References1
CNVD
CNVD
added 2021/05/24 12:0 a.m.5 views

Libwebp heap buffer overflow vulnerability (CNVD-2021-37655)

Libwebp is a WebP image format encoding and decoding library . A security vulnerability exists in versions of Libwebp prior to 1.0.1. The vulnerability stems from a heap buffer overflow in the WebPDecodeRGBInto function, caused by an invalid check of the buffer size. An attacker can exploit the...

9.8CVSS7.3AI score0.02662EPSS
Exploits0References1
CNVD
CNVD
added 2021/05/24 12:0 a.m.4 views

Libwebp Uninitialized Variable Usage Vulnerability

Libwebp is a WebP image format encoding and decoding library . A security vulnerability exists in versions of Libwebp prior to 1.0.1. The vulnerability stems from the use of a single variable in the ReadSymbol function. An attacker could exploit the vulnerability to threaten data confidentiality...

9.8CVSS6.7AI score0.0223EPSS
Exploits0References1
CNVD
CNVD
added 2021/05/24 12:0 a.m.7 views

Libwebp Out-of-Bounds Read Vulnerability

Libwebp is a WebP image format encoding and decoding library . A security vulnerability exists in versions of Libwebp prior to 1.0.1. The vulnerability stems from a read out-of-bounds in WebPMuxCreateInternal and can be exploited by an attacker to threaten data confidentiality and service...

9.1CVSS6.6AI score0.02051EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/05/21 12:0 a.m.4 views

libwebp 安全漏洞

Libwebp is a WebP image format encoding and decoding library . A security vulnerability exists in versions of Libwebp prior to 1.0.1. The vulnerability stems from the use of a single variable in the ReadSymbol function. An attacker could exploit the vulnerability to threaten data confidentiality...

9.8CVSS7.4AI score0.0223EPSS
Exploits0References33
UbuntuCve
UbuntuCve
added 2020/12/31 12:0 a.m.33 views

CVE-2020-36330

A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds read was found in function ChunkVerifyAndAssign. The highest threat from this vulnerability is to data confidentiality and to the service availability...

9.1CVSS7.1AI score0.0223EPSS
Exploits0References3
CNVD
CNVD
added 2019/05/29 12:0 a.m.6 views

Libwebp Resource Management Error Vulnerability

Libwebp is a WebP image format encoding and decoding library . A resource management error vulnerability exists in libwebpmux in Libwebp version 0.5.1. The vulnerability arises from mismanagement of system resources e.g., memory, disk space, files, etc. by a network system or product. No detailed...

7.5CVSS6.7AI score0.01355EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2018/07/30 12:0 a.m.2 views

PT-2018-3681 · Google +8 · Libwebp +8

Name of the Vulnerable Software and Affected Versions: libwebp versions prior to 1.0.1 Description: The issue is related to a heap-based buffer overflow in the libwebp library, which is used for encoding and decoding WebP images. This overflow can be exploited by a remote attacker to execute...

10CVSS8.7AI score0.02662EPSS
Exploits0References126
Rows per page
Query Builder