Lucene search
Veracode Vulnerability DatabaseVERACODE:30909HistoryJun 11, 2021 - 10:31 a.m.
Arbitrary Code Execution
2021-06-1110:31:09
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
13
EPSS
0.008
Percentile
81.1%
libwebp is vulnerable to arbitrary code execution. A heap-based buffer overflow in the function WebPDecodeRGBInto allows an attacker to execute arbitrary code on the host OS.
References
seclists.org/fulldisclosure/2021/Jul/54
access.redhat.com/errata/RHSA-2021:2364
access.redhat.com/security/updates/classification/#important
bugzilla.redhat.com/show_bug.cgi?id=1956829
lists.debian.org/debian-lts-announce/2021/06/msg00005.html
lists.debian.org/debian-lts-announce/2021/06/msg00006.html
security.netapp.com/advisory/ntap-20211112-0001/
support.apple.com/kb/HT212601
www.debian.org/security/2021/dsa-4930
Related
cve
cve
CVE-2020-36328
2021-05-21 17:15:08
nessus
nessus
Amazon Linux AMI : libwebp (ALAS-2021-1530)
2021-09-09 00:00:00
RHEL 8 : libwebp (RHSA-2021:2364)
2021-06-10 00:00:00
Amazon Linux 2 : libwebp (ALAS-2021-1676)
2021-07-01 00:00:00
nvd
nvd
CVE-2020-36328
2021-05-21 17:15:08
amazon
amazon
Important: libwebp
2021-09-02 22:54:00
Important: libwebp
2021-07-01 01:01:00
Important: qt5-qtimageformats
2021-07-01 01:05:00
prion
prion
Heap overflow
2021-05-21 17:15:00
osv
osv
CVE-2020-36328
2021-05-21 17:15:08
Important: libwebp security update
2021-06-08 23:31:29
libwebp vulnerabilities
2021-06-10 13:12:37
debiancve
debiancve
CVE-2020-36328
2021-05-21 17:15:08
redhatcve
redhatcve
CVE-2020-36328
2021-05-13 17:59:28
ubuntucve
ubuntucve
CVE-2020-36328
2020-12-31 00:00:00
cbl_mariner
cbl_mariner
CVE-2020-36328 affecting package libwebp 1.0.0-4
2021-06-09 03:50:29
cvelist
cvelist
CVE-2020-36328
2021-05-21 16:14:21
oraclelinux
oraclelinux
libwebp security update
2021-06-10 00:00:00
libwebp security update
2021-06-08 00:00:00
qt5-qtimageformats security update
2021-06-09 00:00:00
almalinux
almalinux
Important: libwebp security update
2021-06-08 23:31:29
rocky
rocky
libwebp security update
2021-06-08 23:31:29
redhat
redhat
(RHSA-2021:2364) Important: libwebp security update
2021-06-09 12:54:49
(RHSA-2021:2260) Important: libwebp security update
2021-06-07 10:03:45
(RHSA-2021:2365) Important: libwebp security update
2021-06-09 12:54:53
f5
f5
openvas
openvas
CentOS: Security Advisory for qt5-qtimageformats (CESA-2021:2328)
2021-06-15 00:00:00
Huawei EulerOS: Security Advisory for libwebp (EulerOS-SA-2021-2594)
2021-10-26 00:00:00
Huawei EulerOS: Security Advisory for libwebp (EulerOS-SA-2021-2104)
2021-07-07 00:00:00
centos
centos
qt5 security update
2021-06-14 18:46:33
rosalinux
rosalinux
Advisory ROSA-SA-2023-2183
2023-07-11 11:03:27
debian
debian
[SECURITY] [DLA 2677-1] libwebp security update
2021-06-06 18:38:17
[SECURITY] [DLA 2672-1] libwebp security update
2021-06-05 17:43:33
[SECURITY] [DSA 4930-1] libwebp security update
2021-06-10 21:04:30
suse
suse
Security update for libwebp (critical)
2021-07-11 00:00:00
photon
photon
Critical Photon OS Security Update - PHSA-2021-0244
2021-05-27 00:00:00
Critical Photon OS Security Update - PHSA-2021-3.0-0244
2021-05-28 00:00:00
ubuntu
ubuntu
libwebp vulnerabilities
2021-06-10 00:00:00
libwebp vulnerabilities
2021-06-01 00:00:00
qualysblog
qualysblog
cloudfoundry
cloudfoundry
USN-4971-1: libwebp vulnerabilities | Cloud Foundry
2021-06-11 00:00:00
apple
apple
About the security content of iOS 14.7 and iPadOS 14.7
2021-07-21 00:00:00
About the security content of iOS 14.7 and iPadOS 14.7
2021-07-19 00:00:00
threatpost
threatpost
Apple Issues Urgent iPhone Updates; None for Pegasus Zero-Day
2021-07-22 16:18:25
ibm
ibm