Libwebp Security Vulnerabilities and Issues — Libwebp CVE List

Lucene search

WebmprojectLibwebp

3 matches found

CVE•added 2023/06/20 12:15 p.m.•2351 views

CVE-2023-1999

There exists a use after free/double free in libwebp. An attacker can use the ApplyFiltersAndEncode() function and loop through to free best.bw and assign best = trial pointer. The second loop will then return 0 because of an Out of memory error in VP8 encoder, the pointer is still assigned to tria...

7.5CVSS7.2AI score0.00368EPSS

CVE•added 2021/05/21 5:15 p.m.•268 views

CVE-2020-36332

A flaw was found in libwebp in versions before 1.0.1. When reading a file libwebp allocates an excessive amount of memory. The highest threat from this vulnerability is to the service availability.

7.5CVSS6.3AI score0.00232EPSS

CVE•added 2019/05/23 6:29 p.m.•45 views

CVE-2016-9969

In libwebp 0.5.1, there is a double free bug in libwebpmux.

7.5CVSS7.5AI score0.00332EPSS