CVE-2026-33813

A flaw was found in golang.org/x/image. A remote attacker could exploit this vulnerability by providing a specially crafted WEBP image with an invalid, large size. This could cause the application to panic and crash on 32-bit platforms, leading to a Denial of Service DoS...

SUSE CVE-2026-33813

Parsing a WEBP image with an invalid, large size panics on 32-bit platforms...

CVE-2026-33813

Parsing a WEBP image with an invalid, large size panics on 32-bit platforms...

CVE-2026-33813

CVE-2026-33813 affects decoding of WEBP images in golang.org/x/image. The issue occurs when parsing a WEBP image with an invalid, large size on 32-bit platforms, causing a panic. Connected sources corroborate that this is a panic condition specific to large/invalid sizes on 32-bit architectures; ...

CVE-2026-33813

Parsing a WEBP image with an invalid, large size panics on 32-bit platforms...

EUVD-2026-24247

Parsing a WEBP image with an invalid, large size panics on 32-bit platforms...

GO-2026-4961 Panic when decoding large WEBP image on 32-bit platforms in golang.org/x/image

Parsing a WEBP image with an invalid, large size panics on 32-bit platforms...

PT-2026-34050

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description Parsing a WEBP image with an invalid, large size causes a panic on 32-bit platforms. Recommendations At the moment, there is no information about a newer version...

CVE-2026-24530 WordPress WebP Conversion plugin <= 2.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in sheepfish WebP Conversion webp-conversion allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WebP Conversion: from n/a through = 2.2...

MiracleLinux 8 : exiv2-0.27.4-5.el8 (AXSA:2021-2752:04)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2752:04 advisory. exiv2: Heap-based buffer overflow in Jp2Image::readMetadata CVE-2021-3482 exiv2: Heap-based buffer overflow in Exiv2::Jp2Image::doWriteMetadata...

MiracleLinux 8 : exempi-2.4.5-4.el8 (AXSA:2024-8237:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8237:01 advisory. exempi: denial of service via opening of crafted audio file with ID3V2 frame CVE-2020-18651 exempi: denial of service via opening of crafted webp fi...

PT-2025-47285

Name of the Vulnerable Software and Affected Versions Enable SVG, WebP, and ICO Upload plugin for WordPress versions up to and including 1.1.2 Description The Enable SVG, WebP, and ICO Upload plugin for WordPress is susceptible to arbitrary file upload due to insufficient file type validation whe...

EUVD-2018-19201

Malware in sbrugna...

EUVD-2012-5050

Malware in sbrugna...

EUVD-2019-4652

Malware in sbrugna...

EUVD-2012-6319

Malware in sbrugna...

EUVD-2020-9057

Malware in sbrugna...

EUVD-2023-34625

Malicious code in bioql PyPI...

PT-2025-34622 · Unknown · Sail Image Decoding Library

Name of the Vulnerable Software and Affected Versions: SAIL Image Decoding Library version 0.9.8 Description: A memory corruption issue exists in the WebP Image Decoding functionality. Loading a specially crafted .webp animation can cause an integer overflow when calculating the stride for...

CVE-2012-6466

Opera before 12.10 does not properly handle incorrect size data in a WebP image, which allows remote attackers to obtain potentially sensitive information from process memory by using a crafted image as the fill pattern for a canvas...