SUSE CVE-2020-36328

A flaw was found in libwebp in versions before 1.0.1. A heap-based buffer overflow in function WebPDecodeRGBInto is possible due to an invalid check for buffer size. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

Arbitrary Code Execution

libwebp is vulnerable to arbitrary code execution. A heap-based buffer overflow in the function WebPDecodeRGBInto allows an attacker to execute arbitrary code on the host OS...

A flaw was found in libwebp in versions before 1.0.1. A heap-based buffer overflow in function WebPDecodeRGBInto is possible due to an invalid check for buffer size. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

...

DEBIAN-CVE-2020-36328

A flaw was found in libwebp in versions before 1.0.1. A heap-based buffer overflow in function WebPDecodeRGBInto is possible due to an invalid check for buffer size. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

PT-2020-6121 · Google +8 · Libwebp +8

Name of the Vulnerable Software and Affected Versions: libwebp versions prior to 1.0.1 Description: The issue is related to a heap-based buffer overflow in the WebPDecodeRGBInto function due to an invalid check for buffer size. This can allow a remote attacker to execute arbitrary code by creatin...