278 matches found
Important: rclone
Issue Overview: The webp decoder can panic when processing a VP8 chunk with dimensions that do not match the canvas size. CVE-2026-46601 The TIFF decoder does not set a limit on the size of tiles in tiled images, permitting a malicious or corrupt image containing a very large tile to cause...
Linux Distros Unpatched Vulnerability : CVE-2026-46601
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The webp decoder can panic when processing a VP8 chunk with dimensions that do not match the canvas size. CVE-2026-46601 Note that Nessus relies on the presence...
CVE-2026-46601
A flaw was found in the golang.org/x/image/webp library's WebP decoder. A remote attacker could exploit this vulnerability by providing a specially crafted WebP image containing a VP8 chunk with mismatched dimensions. This could cause the decoder to panic, leading to a denial of service DoS for...
CVE-2026-46601
The CVE refers to a panic in the golang.org/x/image webp decoder when processing a VP8 chunk whose alpha channel size does not match the canvas size. Affected component: the WebP decoder in x/image/webp. Root cause: mismatch between VP8 chunk dimensions and the canvas size triggers a panic (crash...
GO-2026-5061 Panic on VP8 alpha channel size mismatch in x/image/webp in golang.org/x/image
The webp decoder can panic when processing a VP8 chunk with dimensions that do not match the canvas size...
OSV-2026-889 Use-of-uninitialized-value in vp8_compute_skin_block
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=520701729 Crash type: Use-of-uninitialized-value Crash state: vp8computeskinblock encodeframetodatarate vp8getcompresseddata...
OSV-2026-868 Use-of-uninitialized-value in vp8_regular_quantize_b_sse4_1
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=520318421 Crash type: Use-of-uninitialized-value Crash state: vp8regularquantizebsse41 macroblockyrd vp8rdpickintramode...
Astra Linux – Vulnerabilities in Chromium, Firefox, Thunderbird, and LibVpx
A heap buffer overflow occurred in the vp8 encoding process in libvpx within Google Chrome before version 117.0.5938.132. In version 1.13.1 of libvpx, a remote attacker could potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...
JLSEC-2026-375
Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
Important: Red Hat Security Advisory: libvpx security update
An update for libvpx is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
Important: Red Hat Security Advisory: libvpx security update
An update for libvpx is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
Important: Red Hat Security Advisory: libvpx security update
An update for libvpx is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
Important: Red Hat Security Advisory: libvpx security update
An update for libvpx is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring Syst...
RHEL 10 : libvpx (RHSA-2026:5227)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:5227 advisory. The libvpx packages provide the VP8 SDK, which allows the encoding and decoding of the VP8 video codec, commonly used with the WebM multimedia...
RLSA-2023:5537 Important: libvpx security update
The libvpx packages provide the VP8 SDK, which allows the encoding and decoding of the VP8 video codec, commonly used with the WebM multimedia container file format. Security Fixes: libvpx: Heap buffer overflow in vp8 encoding in libvpx CVE-2023-5217 libvpx: crash related to VP9 encoding in libvp...
RockyLinux 8 : libvpx (RLSA-2023:5537)
The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:5537 advisory. libvpx: Heap buffer overflow in vp8 encoding in libvpx CVE-2023-5217 libvpx: crash related to VP9 encoding in libvpx CVE-2023-44488 Tenable has extracted...
RLSA-2026:4629 Important: libvpx security update
The libvpx packages provide the VP8 SDK, which allows the encoding and decoding of the VP8 video codec, commonly used with the WebM multimedia container file format. Security Fixes: libvpx: Heap buffer overflow in libvpx CVE-2026-2447 For more details about the security issues, including the...
libvpx security update
An update is available for libvpx. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The libvpx packages provide the VP8 SDK, which allows the encoding and decodi...
ALSA-2026:4629 Important: libvpx security update
The libvpx packages provide the VP8 SDK, which allows the encoding and decoding of the VP8 video codec, commonly used with the WebM multimedia container file format. Security Fixes: libvpx: Heap buffer overflow in libvpx CVE-2026-2447 For more details about the security issues, including the...
ALSA-2026:3967 Important: libvpx security update
The libvpx packages provide the VP8 SDK, which allows the encoding and decoding of the VP8 video codec, commonly used with the WebM multimedia container file format. Security Fixes: libvpx: Heap buffer overflow in libvpx CVE-2026-2447 For more details about the security issues, including the...