Search criteria
25 vulnerabilities by webmproject
CVE-2024-5197 (GCVE-0-2024-5197)
Vulnerability from cvelistv5 – Published: 2024-06-03 13:30 – Updated: 2025-02-13 17:54
VLAI?
Summary
There exists interger overflows in libvpx in versions prior to 1.14.1. Calling vpx_img_alloc() with a large value of the d_w, d_h, or align parameter may result in integer overflows in the calculations of buffer sizes and offsets and some fields of the returned vpx_image_t struct may be invalid. Calling vpx_img_wrap() with a large value of the d_w, d_h, or stride_align parameter may result in integer overflows in the calculations of buffer sizes and offsets and some fields of the returned vpx_image_t struct may be invalid. We recommend upgrading to version 1.14.1 or beyond
Severity ?
CWE
- CWE-190 - Integer Overflow or Wraparound
Assigner
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:chromium:libvpx:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "libvpx",
"vendor": "chromium",
"versions": [
{
"lessThan": "1.14.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-5197",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-03T17:27:56.300102Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T18:02:28.171Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T21:03:11.058Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://g-issues.chromium.org/issues/332382766"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00005.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://chromium.googlesource.com/webm/",
"defaultStatus": "unaffected",
"packageName": "libvpx",
"product": "libvpx",
"programFiles": [
"https://chromium.googlesource.com/webm/libvpx/+/refs/heads/main/vpx/src/vpx_image.c"
],
"programRoutines": [
{
"name": "vpx_img_alloc()"
},
{
"name": "vpx_img_wrap()"
}
],
"repo": "https://chromium.googlesource.com",
"vendor": "Chromium",
"versions": [
{
"lessThan": "1.14.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2024-04-02T10:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "There exists interger overflows in libvpx in versions prior to 1.14.1.\u0026nbsp;\u003cspan style=\"background-color: var(--wht);\"\u003eCalling \u003c/span\u003e\u003ccode\u003evpx_img_alloc()\u003c/code\u003e\u003cspan style=\"background-color: var(--wht);\"\u003e\u0026nbsp;with a large value of the \u003c/span\u003e\u003ccode\u003ed_w\u003c/code\u003e\u003cspan style=\"background-color: var(--wht);\"\u003e, \u003c/span\u003e\u003ccode\u003ed_h\u003c/code\u003e\u003cspan style=\"background-color: var(--wht);\"\u003e, or \u003c/span\u003e\u003ccode\u003ealign\u003c/code\u003e\u003cspan style=\"background-color: var(--wht);\"\u003e\u0026nbsp;parameter may result in integer overflows in the calculations of buffer sizes and offsets and some fields of the returned \u003c/span\u003e\u003ccode\u003evpx_image_t\u003c/code\u003e\u003cspan style=\"background-color: var(--wht);\"\u003e\u0026nbsp;struct may be invalid.\u0026nbsp;\u003c/span\u003e\u003cspan style=\"background-color: var(--wht);\"\u003eCalling \u003c/span\u003e\u003ccode\u003evpx_img_wrap()\u003c/code\u003e\u003cspan style=\"background-color: var(--wht);\"\u003e\u0026nbsp;with a large value of the \u003c/span\u003e\u003ccode\u003ed_w\u003c/code\u003e\u003cspan style=\"background-color: var(--wht);\"\u003e, \u003c/span\u003e\u003ccode\u003ed_h\u003c/code\u003e\u003cspan style=\"background-color: var(--wht);\"\u003e, or \u003c/span\u003e\u003ccode\u003estride_align\u003c/code\u003e\u003cspan style=\"background-color: var(--wht);\"\u003e\u0026nbsp;parameter may result in integer overflows in the calculations of buffer sizes and offsets and some fields of the returned \u003c/span\u003e\u003ccode\u003evpx_image_t\u003c/code\u003e\u003cspan style=\"background-color: var(--wht);\"\u003e\u0026nbsp;struct may be invalid. We recommend upgrading to version 1.14.1 or beyond\u003c/span\u003e\u003cspan style=\"background-color: var(--wht);\"\u003e\u003cbr\u003e\u003c/span\u003e\u003cbr\u003e\u003cbr\u003e"
}
],
"value": "There exists interger overflows in libvpx in versions prior to 1.14.1.\u00a0Calling vpx_img_alloc()\u00a0with a large value of the d_w, d_h, or align\u00a0parameter may result in integer overflows in the calculations of buffer sizes and offsets and some fields of the returned vpx_image_t\u00a0struct may be invalid.\u00a0Calling vpx_img_wrap()\u00a0with a large value of the d_w, d_h, or stride_align\u00a0parameter may result in integer overflows in the calculations of buffer sizes and offsets and some fields of the returned vpx_image_t\u00a0struct may be invalid. We recommend upgrading to version 1.14.1 or beyond"
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "LOW",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:P/VC:L/VI:H/VA:N/SC:L/SI:L/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-190",
"description": "CWE-190 Integer Overflow or Wraparound",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-16T21:05:48.990Z",
"orgId": "14ed7db2-1595-443d-9d34-6215bf890778",
"shortName": "Google"
},
"references": [
{
"url": "https://g-issues.chromium.org/issues/332382766"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00005.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Integer overflow in libvpx",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "14ed7db2-1595-443d-9d34-6215bf890778",
"assignerShortName": "Google",
"cveId": "CVE-2024-5197",
"datePublished": "2024-06-03T13:30:26.925Z",
"dateReserved": "2024-05-22T09:42:54.906Z",
"dateUpdated": "2025-02-13T17:54:05.905Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-6349 (GCVE-0-2023-6349)
Vulnerability from cvelistv5 – Published: 2024-05-27 11:26 – Updated: 2024-08-02 08:28
VLAI?
Summary
A heap overflow vulnerability exists in libvpx - Encoding a frame that has larger dimensions than the originally configured size with VP9 may result in a heap overflow in libvpx.
We recommend upgrading to version 1.13.1 or above
Severity ?
CWE
- CWE-122 - Heap-based Buffer Overflow
Assigner
References
| URL | Tags | |
|---|---|---|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-6349",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-28T15:01:21.802594Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:17:18.552Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:28:21.518Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://crbug.com/webm/1642"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://chromium.googlesource.com/",
"defaultStatus": "unaffected",
"packageName": "libvpx",
"product": "libvpx",
"repo": "https://chromium.googlesource.com/webm/libvpx",
"vendor": "Chromium",
"versions": [
{
"lessThan": "1.13.1",
"status": "affected",
"version": "1.5.0",
"versionType": "semver"
}
]
}
],
"datePublic": "2023-10-15T10:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A heap overflow vulnerability exists in libvpx -\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eEncoding a frame that has larger dimensions than the originally configured size with VP9 may result in a heap overflow in libvpx.\u003c/span\u003e\u003cbr\u003eWe recommend upgrading to version 1.13.1 or above"
}
],
"value": "A heap overflow vulnerability exists in libvpx -\u00a0Encoding a frame that has larger dimensions than the originally configured size with VP9 may result in a heap overflow in libvpx.\nWe recommend upgrading to version 1.13.1 or above"
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "AUTOMATIC",
"Safety": "NEGLIGIBLE",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "HIGH",
"userInteraction": "PASSIVE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:P/VC:L/VI:H/VA:N/SC:L/SI:H/SA:N/S:N/AU:N/R:A/V:D",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122 Heap-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-27T11:26:58.207Z",
"orgId": "14ed7db2-1595-443d-9d34-6215bf890778",
"shortName": "Google"
},
"references": [
{
"url": "https://crbug.com/webm/1642"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Heap overflow in libvpx",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "14ed7db2-1595-443d-9d34-6215bf890778",
"assignerShortName": "Google",
"cveId": "CVE-2023-6349",
"datePublished": "2024-05-27T11:26:58.207Z",
"dateReserved": "2023-11-28T01:49:37.568Z",
"dateUpdated": "2024-08-02T08:28:21.518Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-44488 (GCVE-0-2023-44488)
Vulnerability from cvelistv5 – Published: 2023-09-30 00:00 – Updated: 2024-09-23 16:15
VLAI?
Summary
VP9 in libvpx before 1.13.1 mishandles widths, leading to a crash related to encoding.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T20:07:33.164Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/webmproject/libvpx/commit/df9fd9d5b7325060b2b921558a1eb20ca7880937"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/webmproject/libvpx/commit/263682c9a29395055f3b3afe2d97be1828a6223f"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/webmproject/libvpx/compare/v1.13.0...v1.13.1"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/webmproject/libvpx/releases/tag/v1.13.1"
},
{
"name": "[oss-security] 20230930 Re: CVE-2023-5217: Heap buffer overflow in vp8 encoding in libvpx",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/09/30/4"
},
{
"name": "[debian-lts-announce] 20231001 [SECURITY] [DLA 3598-1] libvpx security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00001.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241806"
},
{
"name": "GLSA-202310-04",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202310-04"
},
{
"name": "DSA-5518",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5518"
},
{
"name": "FEDORA-2023-f696934fbf",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TE7F54W5O5RS4ZMAAC7YK3CZWQXIDSKB/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-44488",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-23T16:14:51.375605Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-23T16:15:31.069Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "VP9 in libvpx before 1.13.1 mishandles widths, leading to a crash related to encoding."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-23T03:06:17.316294",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/webmproject/libvpx/commit/df9fd9d5b7325060b2b921558a1eb20ca7880937"
},
{
"url": "https://github.com/webmproject/libvpx/commit/263682c9a29395055f3b3afe2d97be1828a6223f"
},
{
"url": "https://github.com/webmproject/libvpx/compare/v1.13.0...v1.13.1"
},
{
"url": "https://github.com/webmproject/libvpx/releases/tag/v1.13.1"
},
{
"name": "[oss-security] 20230930 Re: CVE-2023-5217: Heap buffer overflow in vp8 encoding in libvpx",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/09/30/4"
},
{
"name": "[debian-lts-announce] 20231001 [SECURITY] [DLA 3598-1] libvpx security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00001.html"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241806"
},
{
"name": "GLSA-202310-04",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202310-04"
},
{
"name": "DSA-5518",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5518"
},
{
"name": "FEDORA-2023-f696934fbf",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TE7F54W5O5RS4ZMAAC7YK3CZWQXIDSKB/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-44488",
"datePublished": "2023-09-30T00:00:00",
"dateReserved": "2023-09-30T00:00:00",
"dateUpdated": "2024-09-23T16:15:31.069Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-5217 (GCVE-0-2023-5217)
Vulnerability from cvelistv5 – Published: 2023-09-28 15:23 – Updated: 2025-10-21 23:05
VLAI?
Summary
Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Severity ?
8.8 (High)
CWE
- Heap buffer overflow
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:52:08.351Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_27.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://crbug.com/1486441"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/09/28/5"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/09/28/6"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/09/29/1"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/09/29/2"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/09/29/7"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/09/29/9"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-44/"
},
{
"tags": [
"x_transferred"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2023-5217"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241191"
},
{
"tags": [
"x_transferred"
],
"url": "https://stackdiary.com/google-discloses-a-webm-vp8-bug-tracked-as-cve-2023-5217/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2023/09/28/5"
},
{
"tags": [
"x_transferred"
],
"url": "https://pastebin.com/TdkC4pDv"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/webmproject/libvpx/commit/3fbd1dca6a4d2dad332a2110d646e4ffef36d590"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/webmproject/libvpx/commit/af6dedd715f4307669366944cca6e0417b290282"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/webmproject/libvpx/tags"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/09/29/11"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/09/29/12"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/09/29/14"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5510"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5509"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5508"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/09/30/1"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00038.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://twitter.com/maddiestone/status/1707163313711497266"
},
{
"tags": [
"x_transferred"
],
"url": "https://arstechnica.com/security/2023/09/new-0-day-in-chrome-and-firefox-is-likely-to-plague-other-software/"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/webmproject/libvpx/releases/tag/v1.13.1"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/09/30/3"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/09/30/2"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/09/30/4"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/09/30/5"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BCVSHVX2RFBU3RMCUFSATVQEJUFD4Q63/"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/01/2"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/01/1"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/01/5"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00001.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTRUIS3564P7ZLM2S2IH4Y4KZ327LI4I/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/55YVCZNAVY3Y5E4DWPWMX2SPKZ2E5SOV/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MFWDFJSSIFKWKNOCTQCFUNZWAXUCSS4/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWEJYS5NC7KVFYU3OAMPKQDYN6JQGVK6/"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/02/6"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/03/11"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202310-04"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/kb/HT213961"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AY642Z6JZODQJE7Z62CFREVUHEGCXGPD/"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2023/Oct/12"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00015.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/kb/HT213972"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2023/Oct/16"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TE7F54W5O5RS4ZMAAC7YK3CZWQXIDSKB/"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202401-34"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-5217",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2023-11-15T16:38:17.360361Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2023-10-02",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-5217"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T23:05:36.191Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-5217"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-10-02T00:00:00+00:00",
"value": "CVE-2023-5217 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Chrome",
"vendor": "Google",
"versions": [
{
"lessThan": "117.0.5938.132",
"status": "affected",
"version": "117.0.5938.132",
"versionType": "custom"
}
]
},
{
"product": "libvpx",
"vendor": "Google",
"versions": [
{
"lessThan": "1.13.1",
"status": "affected",
"version": "1.13.1",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Heap buffer overflow",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-31T17:08:56.596Z",
"orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"shortName": "Chrome"
},
"references": [
{
"url": "https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_27.html"
},
{
"url": "https://crbug.com/1486441"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/09/28/5"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/09/28/6"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/09/29/1"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/09/29/2"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/09/29/7"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/09/29/9"
},
{
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-44/"
},
{
"url": "https://security-tracker.debian.org/tracker/CVE-2023-5217"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241191"
},
{
"url": "https://stackdiary.com/google-discloses-a-webm-vp8-bug-tracked-as-cve-2023-5217/"
},
{
"url": "https://www.openwall.com/lists/oss-security/2023/09/28/5"
},
{
"url": "https://pastebin.com/TdkC4pDv"
},
{
"url": "https://github.com/webmproject/libvpx/commit/3fbd1dca6a4d2dad332a2110d646e4ffef36d590"
},
{
"url": "https://github.com/webmproject/libvpx/commit/af6dedd715f4307669366944cca6e0417b290282"
},
{
"url": "https://github.com/webmproject/libvpx/tags"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/09/29/11"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/09/29/12"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/09/29/14"
},
{
"url": "https://www.debian.org/security/2023/dsa-5510"
},
{
"url": "https://www.debian.org/security/2023/dsa-5509"
},
{
"url": "https://www.debian.org/security/2023/dsa-5508"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/09/30/1"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00038.html"
},
{
"url": "https://twitter.com/maddiestone/status/1707163313711497266"
},
{
"url": "https://arstechnica.com/security/2023/09/new-0-day-in-chrome-and-firefox-is-likely-to-plague-other-software/"
},
{
"url": "https://github.com/webmproject/libvpx/releases/tag/v1.13.1"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/09/30/3"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/09/30/2"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/09/30/4"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/09/30/5"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BCVSHVX2RFBU3RMCUFSATVQEJUFD4Q63/"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/10/01/2"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/10/01/1"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/10/01/5"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00001.html"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTRUIS3564P7ZLM2S2IH4Y4KZ327LI4I/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/55YVCZNAVY3Y5E4DWPWMX2SPKZ2E5SOV/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MFWDFJSSIFKWKNOCTQCFUNZWAXUCSS4/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWEJYS5NC7KVFYU3OAMPKQDYN6JQGVK6/"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/10/02/6"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/10/03/11"
},
{
"url": "https://security.gentoo.org/glsa/202310-04"
},
{
"url": "https://support.apple.com/kb/HT213961"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AY642Z6JZODQJE7Z62CFREVUHEGCXGPD/"
},
{
"url": "http://seclists.org/fulldisclosure/2023/Oct/12"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00015.html"
},
{
"url": "https://support.apple.com/kb/HT213972"
},
{
"url": "http://seclists.org/fulldisclosure/2023/Oct/16"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TE7F54W5O5RS4ZMAAC7YK3CZWQXIDSKB/"
},
{
"url": "https://security.gentoo.org/glsa/202401-34"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"assignerShortName": "Chrome",
"cveId": "CVE-2023-5217",
"datePublished": "2023-09-28T15:23:18.340Z",
"dateReserved": "2023-09-27T01:52:05.679Z",
"dateUpdated": "2025-10-21T23:05:36.191Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-4863 (GCVE-0-2023-4863)
Vulnerability from cvelistv5 – Published: 2023-09-12 14:24 – Updated: 2025-10-21 23:05
VLAI?
Summary
Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical)
Severity ?
8.8 (High)
CWE
- Heap buffer overflow
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-19T07:48:10.265Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_11.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://crbug.com/1479274"
},
{
"tags": [
"x_transferred"
],
"url": "https://en.bandisoft.com/honeyview/history/"
},
{
"tags": [
"x_transferred"
],
"url": "https://stackdiary.com/critical-vulnerability-in-webp-codec-cve-2023-4863/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-40/"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/webmproject/libwebp/commit/902bc9190331343b2017211debcec8d2ab87e17a"
},
{
"tags": [
"x_transferred"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-4863"
},
{
"tags": [
"x_transferred"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2023-4863"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1215231"
},
{
"tags": [
"x_transferred"
],
"url": "https://news.ycombinator.com/item?id=37478403"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.bleepingcomputer.com/news/google/google-fixes-another-chrome-zero-day-bug-exploited-in-attacks/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5496"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5497"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OZDGWWMJREPAGKWCJKSCM4WYLANSKIFX/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FYYKLG6CRGEDTNRBSU26EEWAO6D6U645/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PYZV7TMKF4QHZ54SFJX54BDN52VHGGCX/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00015.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WHOLML7N2G5KCAZXFWC5IDFFHSQS5SDB/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5498"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202309-05"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00016.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T655QF7CQ3DYAMPFV7IECQYGDEUIVVT/"
},
{
"tags": [
"x_transferred"
],
"url": "https://adamcaudill.com/2023/09/14/whose-cve-is-it-anyway/"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/webmproject/libwebp/releases/tag/v1.3.2"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00017.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KUQ7CTX3W372X3UY56VVNAHCH6H2F4X3/"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/09/21/4"
},
{
"tags": [
"x_transferred"
],
"url": "https://blog.isosceles.com/the-webp-0day/"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/09/22/1"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/09/22/3"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/09/22/4"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/09/22/5"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/09/22/8"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/09/22/7"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/09/22/6"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/09/26/1"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/09/26/7"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/09/28/1"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/09/28/2"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/09/28/4"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20230929-0011/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTRUIS3564P7ZLM2S2IH4Y4KZ327LI4I/"
},
{
"tags": [
"x_transferred"
],
"url": "https://sethmlarson.dev/security-developer-in-residence-weekly-report-16"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.bentley.com/advisories/be-2023-0001/"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202401-10"
},
{
"url": "https://www.vicarius.io/vsociety/posts/zero-day-webp-vulnerability-cve-2023-4863"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-4863",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2023-11-28T05:00:18.341149Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2023-09-13",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-4863"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T23:05:38.429Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-4863"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-09-13T00:00:00+00:00",
"value": "CVE-2023-4863 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Chrome",
"vendor": "Google",
"versions": [
{
"lessThan": "116.0.5845.187",
"status": "affected",
"version": "116.0.5845.187",
"versionType": "custom"
}
]
},
{
"product": "libwebp",
"vendor": "Google",
"versions": [
{
"lessThan": "1.3.2",
"status": "affected",
"version": "1.3.2",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical)"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Heap buffer overflow",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-07T11:07:27.027Z",
"orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"shortName": "Chrome"
},
"references": [
{
"url": "https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_11.html"
},
{
"url": "https://crbug.com/1479274"
},
{
"url": "https://en.bandisoft.com/honeyview/history/"
},
{
"url": "https://stackdiary.com/critical-vulnerability-in-webp-codec-cve-2023-4863/"
},
{
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-40/"
},
{
"url": "https://github.com/webmproject/libwebp/commit/902bc9190331343b2017211debcec8d2ab87e17a"
},
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-4863"
},
{
"url": "https://security-tracker.debian.org/tracker/CVE-2023-4863"
},
{
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1215231"
},
{
"url": "https://news.ycombinator.com/item?id=37478403"
},
{
"url": "https://www.bleepingcomputer.com/news/google/google-fixes-another-chrome-zero-day-bug-exploited-in-attacks/"
},
{
"url": "https://www.debian.org/security/2023/dsa-5496"
},
{
"url": "https://www.debian.org/security/2023/dsa-5497"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OZDGWWMJREPAGKWCJKSCM4WYLANSKIFX/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FYYKLG6CRGEDTNRBSU26EEWAO6D6U645/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PYZV7TMKF4QHZ54SFJX54BDN52VHGGCX/"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00015.html"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WHOLML7N2G5KCAZXFWC5IDFFHSQS5SDB/"
},
{
"url": "https://www.debian.org/security/2023/dsa-5498"
},
{
"url": "https://security.gentoo.org/glsa/202309-05"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00016.html"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T655QF7CQ3DYAMPFV7IECQYGDEUIVVT/"
},
{
"url": "https://adamcaudill.com/2023/09/14/whose-cve-is-it-anyway/"
},
{
"url": "https://github.com/webmproject/libwebp/releases/tag/v1.3.2"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00017.html"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KUQ7CTX3W372X3UY56VVNAHCH6H2F4X3/"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/09/21/4"
},
{
"url": "https://blog.isosceles.com/the-webp-0day/"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/09/22/1"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/09/22/3"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/09/22/4"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/09/22/5"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/09/22/8"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/09/22/7"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/09/22/6"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/09/26/1"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/09/26/7"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/09/28/1"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/09/28/2"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/09/28/4"
},
{
"url": "https://security.netapp.com/advisory/ntap-20230929-0011/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTRUIS3564P7ZLM2S2IH4Y4KZ327LI4I/"
},
{
"url": "https://sethmlarson.dev/security-developer-in-residence-weekly-report-16"
},
{
"url": "https://www.bentley.com/advisories/be-2023-0001/"
},
{
"url": "https://security.gentoo.org/glsa/202401-10"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"assignerShortName": "Chrome",
"cveId": "CVE-2023-4863",
"datePublished": "2023-09-12T14:24:59.275Z",
"dateReserved": "2023-09-09T01:02:58.312Z",
"dateUpdated": "2025-10-21T23:05:38.429Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-1999 (GCVE-0-2023-1999)
Vulnerability from cvelistv5 – Published: 2023-06-20 11:28 – Updated: 2025-02-13 16:39
VLAI?
Summary
There exists a use after free/double free in libwebp. An attacker can use the ApplyFiltersAndEncode() function and loop through to free best.bw and assign best = trial pointer. The second loop will then return 0 because of an Out of memory error in VP8 encoder, the pointer is still assigned to trial and the AddressSanitizer will attempt a double free.
Severity ?
5.3 (Medium)
CWE
- CWE-416 - Use After Free
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T06:05:27.124Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://chromium.googlesource.com/webm/libwebp"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202309-05"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-1999",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-26T19:14:09.901555Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-26T19:14:21.862Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://chromium.googlesource.com/webm/libwebp",
"defaultStatus": "unaffected",
"packageName": "libwebp",
"product": "libwebp",
"repo": "https://chromium.googlesource.com/",
"vendor": "Chromium",
"versions": [
{
"lessThan": "1.3.1",
"status": "affected",
"version": "0.4.2",
"versionType": "custom"
},
{
"lessThan": "1.3.0-8-ga486d800",
"status": "affected",
"version": "0.4.2",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "There exists a use after free/double free in libwebp. An attacker can use the\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eApplyFiltersAndEncode() function and loop through to free best.bw and assign best = trial pointer. The second loop will then return 0 because of an Out of memory error in VP8 encoder, the pointer is still assigned to trial and the AddressSanitizer will attempt a double free.\u0026nbsp;\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "There exists a use after free/double free in libwebp. An attacker can use the\u00a0ApplyFiltersAndEncode() function and loop through to free best.bw and assign best = trial pointer. The second loop will then return 0 because of an Out of memory error in VP8 encoder, the pointer is still assigned to trial and the AddressSanitizer will attempt a double free."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-17T08:07:00.899Z",
"orgId": "14ed7db2-1595-443d-9d34-6215bf890778",
"shortName": "Google"
},
"references": [
{
"url": "https://chromium.googlesource.com/webm/libwebp"
},
{
"url": "https://security.gentoo.org/glsa/202309-05"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Use after free in libwebp",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "14ed7db2-1595-443d-9d34-6215bf890778",
"assignerShortName": "Google",
"cveId": "CVE-2023-1999",
"datePublished": "2023-06-20T11:28:52.547Z",
"dateReserved": "2023-04-12T09:40:34.560Z",
"dateUpdated": "2025-02-13T16:39:44.993Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-25014 (GCVE-0-2018-25014)
Vulnerability from cvelistv5 – Published: 2021-05-21 16:27 – Updated: 2024-08-05 12:26
VLAI?
Summary
A use of uninitialized value was found in libwebp in versions before 1.0.1 in ReadSymbol().
Severity ?
No CVSS data available.
CWE
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T12:26:39.521Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1956927"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9496"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://chromium.googlesource.com/webm/libwebp/+log/78ad57a36ad69a9c22874b182d49d64125c380f2..907208f97ead639bd52"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "libwebp",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "libwebp 1.0.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A use of uninitialized value was found in libwebp in versions before 1.0.1 in ReadSymbol()."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-908",
"description": "CWE-908",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-05T15:23:22",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1956927"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9496"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://chromium.googlesource.com/webm/libwebp/+log/78ad57a36ad69a9c22874b182d49d64125c380f2..907208f97ead639bd52"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2018-25014",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "libwebp",
"version": {
"version_data": [
{
"version_value": "libwebp 1.0.1"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A use of uninitialized value was found in libwebp in versions before 1.0.1 in ReadSymbol()."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-908"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1956927",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1956927"
},
{
"name": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9496",
"refsource": "MISC",
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9496"
},
{
"name": "https://chromium.googlesource.com/webm/libwebp/+log/78ad57a36ad69a9c22874b182d49d64125c380f2..907208f97ead639bd52",
"refsource": "MISC",
"url": "https://chromium.googlesource.com/webm/libwebp/+log/78ad57a36ad69a9c22874b182d49d64125c380f2..907208f97ead639bd52"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2018-25014",
"datePublished": "2021-05-21T16:27:57",
"dateReserved": "2021-05-04T00:00:00",
"dateUpdated": "2024-08-05T12:26:39.521Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-25013 (GCVE-0-2018-25013)
Vulnerability from cvelistv5 – Published: 2021-05-21 16:27 – Updated: 2024-08-05 12:26
VLAI?
Summary
A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in ShiftBytes().
Severity ?
No CVSS data available.
CWE
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T12:26:39.668Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1956926"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9417"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://chromium.googlesource.com/webm/libwebp/+/907208f97ead639bd521cf355a2f203f462eade6"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "libwebp",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "libwebp 1.0.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in ShiftBytes()."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-05T15:23:12",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1956926"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9417"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://chromium.googlesource.com/webm/libwebp/+/907208f97ead639bd521cf355a2f203f462eade6"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2018-25013",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "libwebp",
"version": {
"version_data": [
{
"version_value": "libwebp 1.0.1"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in ShiftBytes()."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-125"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1956926",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1956926"
},
{
"name": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9417",
"refsource": "MISC",
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9417"
},
{
"name": "https://chromium.googlesource.com/webm/libwebp/+/907208f97ead639bd521cf355a2f203f462eade6",
"refsource": "MISC",
"url": "https://chromium.googlesource.com/webm/libwebp/+/907208f97ead639bd521cf355a2f203f462eade6"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2018-25013",
"datePublished": "2021-05-21T16:27:13",
"dateReserved": "2021-05-04T00:00:00",
"dateUpdated": "2024-08-05T12:26:39.668Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-25012 (GCVE-0-2018-25012)
Vulnerability from cvelistv5 – Published: 2021-05-21 16:26 – Updated: 2024-08-05 12:26
VLAI?
Summary
A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in GetLE24().
Severity ?
No CVSS data available.
CWE
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T12:26:39.460Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1956922"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://chromium.googlesource.com/webm/libwebp/+/95fd65070662e01cc9170c4444f5c0859a710097"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9123"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "libwebp",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "libwebp 1.0.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in GetLE24()."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-05T15:23:00",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1956922"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://chromium.googlesource.com/webm/libwebp/+/95fd65070662e01cc9170c4444f5c0859a710097"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9123"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2018-25012",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "libwebp",
"version": {
"version_data": [
{
"version_value": "libwebp 1.0.1"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in GetLE24()."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-125"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1956922",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1956922"
},
{
"name": "https://chromium.googlesource.com/webm/libwebp/+/95fd65070662e01cc9170c4444f5c0859a710097",
"refsource": "MISC",
"url": "https://chromium.googlesource.com/webm/libwebp/+/95fd65070662e01cc9170c4444f5c0859a710097"
},
{
"name": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9123",
"refsource": "MISC",
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9123"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2018-25012",
"datePublished": "2021-05-21T16:26:31",
"dateReserved": "2021-05-04T00:00:00",
"dateUpdated": "2024-08-05T12:26:39.460Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-25011 (GCVE-0-2018-25011)
Vulnerability from cvelistv5 – Published: 2021-05-21 16:25 – Updated: 2024-08-05 12:26
VLAI?
Summary
A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in PutLE16().
Severity ?
No CVSS data available.
CWE
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T12:26:39.464Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1956919"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9119"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://chromium.googlesource.com/webm/libwebp/+/v1.0.1"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://chromium.googlesource.com/webm/libwebp/+log/be738c6d396fa5a272c1b209be4379a7532debfe..29fb8562c60b5a919a75d904ff7366af423f8ab9?pretty=fuller\u0026n=10000"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "libwebp",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "libwebp 1.0.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in PutLE16()."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-05T15:22:49",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1956919"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9119"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://chromium.googlesource.com/webm/libwebp/+/v1.0.1"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://chromium.googlesource.com/webm/libwebp/+log/be738c6d396fa5a272c1b209be4379a7532debfe..29fb8562c60b5a919a75d904ff7366af423f8ab9?pretty=fuller\u0026n=10000"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2018-25011",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "libwebp",
"version": {
"version_data": [
{
"version_value": "libwebp 1.0.1"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in PutLE16()."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-787"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1956919",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1956919"
},
{
"name": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9119",
"refsource": "MISC",
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9119"
},
{
"name": "https://chromium.googlesource.com/webm/libwebp/+/v1.0.1",
"refsource": "MISC",
"url": "https://chromium.googlesource.com/webm/libwebp/+/v1.0.1"
},
{
"name": "https://chromium.googlesource.com/webm/libwebp/+log/be738c6d396fa5a272c1b209be4379a7532debfe..29fb8562c60b5a919a75d904ff7366af423f8ab9?pretty=fuller\u0026n=10000",
"refsource": "MISC",
"url": "https://chromium.googlesource.com/webm/libwebp/+log/be738c6d396fa5a272c1b209be4379a7532debfe..29fb8562c60b5a919a75d904ff7366af423f8ab9?pretty=fuller\u0026n=10000"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2018-25011",
"datePublished": "2021-05-21T16:25:40",
"dateReserved": "2021-05-04T00:00:00",
"dateUpdated": "2024-08-05T12:26:39.464Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-25010 (GCVE-0-2018-25010)
Vulnerability from cvelistv5 – Published: 2021-05-21 16:24 – Updated: 2024-08-05 12:26
VLAI?
Summary
A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in ApplyFilter().
Severity ?
No CVSS data available.
CWE
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T12:26:39.513Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1956918"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9105"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://chromium.googlesource.com/webm/libwebp/+/1344a2e947c749d231141a295327e5b99b444d63"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "libwebp",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "libwebp 1.0.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in ApplyFilter()."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-05T15:22:42",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1956918"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9105"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://chromium.googlesource.com/webm/libwebp/+/1344a2e947c749d231141a295327e5b99b444d63"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2018-25010",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "libwebp",
"version": {
"version_data": [
{
"version_value": "libwebp 1.0.1"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in ApplyFilter()."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-125"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1956918",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1956918"
},
{
"name": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9105",
"refsource": "MISC",
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9105"
},
{
"name": "https://chromium.googlesource.com/webm/libwebp/+/1344a2e947c749d231141a295327e5b99b444d63",
"refsource": "MISC",
"url": "https://chromium.googlesource.com/webm/libwebp/+/1344a2e947c749d231141a295327e5b99b444d63"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2018-25010",
"datePublished": "2021-05-21T16:24:23",
"dateReserved": "2021-05-04T00:00:00",
"dateUpdated": "2024-08-05T12:26:39.513Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-25009 (GCVE-0-2018-25009)
Vulnerability from cvelistv5 – Published: 2021-05-21 16:22 – Updated: 2024-08-05 12:26
VLAI?
Summary
A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in GetLE16().
Severity ?
No CVSS data available.
CWE
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T12:26:39.453Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1956917"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9100"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://chromium.googlesource.com/webm/libwebp/+/95fd65070662e01cc9170c4444f5c0859a710097"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "libwebp",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "libwebp 1.0.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in GetLE16()."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-05T15:22:28",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1956917"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9100"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://chromium.googlesource.com/webm/libwebp/+/95fd65070662e01cc9170c4444f5c0859a710097"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2018-25009",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "libwebp",
"version": {
"version_data": [
{
"version_value": "libwebp 1.0.1"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in GetLE16()."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-125"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1956917",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1956917"
},
{
"name": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9100",
"refsource": "MISC",
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9100"
},
{
"name": "https://chromium.googlesource.com/webm/libwebp/+/95fd65070662e01cc9170c4444f5c0859a710097",
"refsource": "MISC",
"url": "https://chromium.googlesource.com/webm/libwebp/+/95fd65070662e01cc9170c4444f5c0859a710097"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2018-25009",
"datePublished": "2021-05-21T16:22:38",
"dateReserved": "2021-05-04T00:00:00",
"dateUpdated": "2024-08-05T12:26:39.453Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-36332 (GCVE-0-2020-36332)
Vulnerability from cvelistv5 – Published: 2021-05-21 16:21 – Updated: 2024-08-04 17:23
VLAI?
Summary
A flaw was found in libwebp in versions before 1.0.1. When reading a file libwebp allocates an excessive amount of memory. The highest threat from this vulnerability is to the service availability.
Severity ?
No CVSS data available.
CWE
- CWE-20 - >CWE-400
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:23:10.434Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1956868"
},
{
"name": "DSA-4930",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2021/dsa-4930"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20211104-0004/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "libwebp",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "libwebp 1.0.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in libwebp in versions before 1.0.1. When reading a file libwebp allocates an excessive amount of memory. The highest threat from this vulnerability is to the service availability."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20-\u003eCWE-400",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-04T08:06:18",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1956868"
},
{
"name": "DSA-4930",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2021/dsa-4930"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20211104-0004/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2020-36332",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "libwebp",
"version": {
"version_data": [
{
"version_value": "libwebp 1.0.1"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A flaw was found in libwebp in versions before 1.0.1. When reading a file libwebp allocates an excessive amount of memory. The highest threat from this vulnerability is to the service availability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20-\u003eCWE-400"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1956868",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1956868"
},
{
"name": "DSA-4930",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2021/dsa-4930"
},
{
"name": "https://security.netapp.com/advisory/ntap-20211104-0004/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20211104-0004/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2020-36332",
"datePublished": "2021-05-21T16:21:29",
"dateReserved": "2021-05-04T00:00:00",
"dateUpdated": "2024-08-04T17:23:10.434Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-36331 (GCVE-0-2020-36331)
Vulnerability from cvelistv5 – Published: 2021-05-21 16:20 – Updated: 2024-08-04 17:23
VLAI?
Summary
A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds read was found in function ChunkAssignData. The highest threat from this vulnerability is to data confidentiality and to the service availability.
Severity ?
No CVSS data available.
CWE
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:23:10.465Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1956856"
},
{
"name": "[debian-lts-announce] 20210605 [SECURITY] [DLA 2672-1] libwebp security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00005.html"
},
{
"name": "[debian-lts-announce] 20210606 [SECURITY] [DLA 2677-1] libwebp security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00006.html"
},
{
"name": "DSA-4930",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2021/dsa-4930"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT212601"
},
{
"name": "20210723 APPLE-SA-2021-07-21-1 iOS 14.7 and iPadOS 14.7",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2021/Jul/54"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20211112-0001/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "libwebp",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "libwebp 1.0.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds read was found in function ChunkAssignData. The highest threat from this vulnerability is to data confidentiality and to the service availability."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-12T08:06:33",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1956856"
},
{
"name": "[debian-lts-announce] 20210605 [SECURITY] [DLA 2672-1] libwebp security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00005.html"
},
{
"name": "[debian-lts-announce] 20210606 [SECURITY] [DLA 2677-1] libwebp security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00006.html"
},
{
"name": "DSA-4930",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2021/dsa-4930"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/kb/HT212601"
},
{
"name": "20210723 APPLE-SA-2021-07-21-1 iOS 14.7 and iPadOS 14.7",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2021/Jul/54"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20211112-0001/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2020-36331",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "libwebp",
"version": {
"version_data": [
{
"version_value": "libwebp 1.0.1"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds read was found in function ChunkAssignData. The highest threat from this vulnerability is to data confidentiality and to the service availability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-125"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1956856",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1956856"
},
{
"name": "[debian-lts-announce] 20210605 [SECURITY] [DLA 2672-1] libwebp security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00005.html"
},
{
"name": "[debian-lts-announce] 20210606 [SECURITY] [DLA 2677-1] libwebp security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00006.html"
},
{
"name": "DSA-4930",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2021/dsa-4930"
},
{
"name": "https://support.apple.com/kb/HT212601",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT212601"
},
{
"name": "20210723 APPLE-SA-2021-07-21-1 iOS 14.7 and iPadOS 14.7",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2021/Jul/54"
},
{
"name": "https://security.netapp.com/advisory/ntap-20211112-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20211112-0001/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2020-36331",
"datePublished": "2021-05-21T16:20:33",
"dateReserved": "2021-05-04T00:00:00",
"dateUpdated": "2024-08-04T17:23:10.465Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-36330 (GCVE-0-2020-36330)
Vulnerability from cvelistv5 – Published: 2021-05-21 16:19 – Updated: 2024-08-04 17:23
VLAI?
Summary
A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds read was found in function ChunkVerifyAndAssign. The highest threat from this vulnerability is to data confidentiality and to the service availability.
Severity ?
No CVSS data available.
CWE
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:23:10.522Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1956853"
},
{
"name": "[debian-lts-announce] 20210605 [SECURITY] [DLA 2672-1] libwebp security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00005.html"
},
{
"name": "[debian-lts-announce] 20210606 [SECURITY] [DLA 2677-1] libwebp security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00006.html"
},
{
"name": "DSA-4930",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2021/dsa-4930"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT212601"
},
{
"name": "20210723 APPLE-SA-2021-07-21-1 iOS 14.7 and iPadOS 14.7",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2021/Jul/54"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20211104-0004/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "libwebp",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "libwebp 1.0.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds read was found in function ChunkVerifyAndAssign. The highest threat from this vulnerability is to data confidentiality and to the service availability."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-04T08:06:20",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1956853"
},
{
"name": "[debian-lts-announce] 20210605 [SECURITY] [DLA 2672-1] libwebp security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00005.html"
},
{
"name": "[debian-lts-announce] 20210606 [SECURITY] [DLA 2677-1] libwebp security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00006.html"
},
{
"name": "DSA-4930",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2021/dsa-4930"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/kb/HT212601"
},
{
"name": "20210723 APPLE-SA-2021-07-21-1 iOS 14.7 and iPadOS 14.7",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2021/Jul/54"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20211104-0004/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2020-36330",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "libwebp",
"version": {
"version_data": [
{
"version_value": "libwebp 1.0.1"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds read was found in function ChunkVerifyAndAssign. The highest threat from this vulnerability is to data confidentiality and to the service availability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-125"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1956853",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1956853"
},
{
"name": "[debian-lts-announce] 20210605 [SECURITY] [DLA 2672-1] libwebp security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00005.html"
},
{
"name": "[debian-lts-announce] 20210606 [SECURITY] [DLA 2677-1] libwebp security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00006.html"
},
{
"name": "DSA-4930",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2021/dsa-4930"
},
{
"name": "https://support.apple.com/kb/HT212601",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT212601"
},
{
"name": "20210723 APPLE-SA-2021-07-21-1 iOS 14.7 and iPadOS 14.7",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2021/Jul/54"
},
{
"name": "https://security.netapp.com/advisory/ntap-20211104-0004/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20211104-0004/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2020-36330",
"datePublished": "2021-05-21T16:19:44",
"dateReserved": "2021-05-04T00:00:00",
"dateUpdated": "2024-08-04T17:23:10.522Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-36329 (GCVE-0-2020-36329)
Vulnerability from cvelistv5 – Published: 2021-05-21 16:15 – Updated: 2024-08-04 17:23
VLAI?
Summary
A flaw was found in libwebp in versions before 1.0.1. A use-after-free was found due to a thread being killed too early. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Severity ?
No CVSS data available.
CWE
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:23:10.443Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1956843"
},
{
"name": "[debian-lts-announce] 20210605 [SECURITY] [DLA 2672-1] libwebp security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00005.html"
},
{
"name": "[debian-lts-announce] 20210606 [SECURITY] [DLA 2677-1] libwebp security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00006.html"
},
{
"name": "DSA-4930",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2021/dsa-4930"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT212601"
},
{
"name": "20210723 APPLE-SA-2021-07-21-1 iOS 14.7 and iPadOS 14.7",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2021/Jul/54"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20211112-0001/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "libwebp",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "libwebp 1.0.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in libwebp in versions before 1.0.1. A use-after-free was found due to a thread being killed too early. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-12T08:06:31",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1956843"
},
{
"name": "[debian-lts-announce] 20210605 [SECURITY] [DLA 2672-1] libwebp security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00005.html"
},
{
"name": "[debian-lts-announce] 20210606 [SECURITY] [DLA 2677-1] libwebp security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00006.html"
},
{
"name": "DSA-4930",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2021/dsa-4930"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/kb/HT212601"
},
{
"name": "20210723 APPLE-SA-2021-07-21-1 iOS 14.7 and iPadOS 14.7",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2021/Jul/54"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20211112-0001/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2020-36329",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "libwebp",
"version": {
"version_data": [
{
"version_value": "libwebp 1.0.1"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A flaw was found in libwebp in versions before 1.0.1. A use-after-free was found due to a thread being killed too early. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-416"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1956843",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1956843"
},
{
"name": "[debian-lts-announce] 20210605 [SECURITY] [DLA 2672-1] libwebp security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00005.html"
},
{
"name": "[debian-lts-announce] 20210606 [SECURITY] [DLA 2677-1] libwebp security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00006.html"
},
{
"name": "DSA-4930",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2021/dsa-4930"
},
{
"name": "https://support.apple.com/kb/HT212601",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT212601"
},
{
"name": "20210723 APPLE-SA-2021-07-21-1 iOS 14.7 and iPadOS 14.7",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2021/Jul/54"
},
{
"name": "https://security.netapp.com/advisory/ntap-20211112-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20211112-0001/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2020-36329",
"datePublished": "2021-05-21T16:15:10",
"dateReserved": "2021-05-04T00:00:00",
"dateUpdated": "2024-08-04T17:23:10.443Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-36328 (GCVE-0-2020-36328)
Vulnerability from cvelistv5 – Published: 2021-05-21 16:14 – Updated: 2024-08-04 17:23
VLAI?
Summary
A flaw was found in libwebp in versions before 1.0.1. A heap-based buffer overflow in function WebPDecodeRGBInto is possible due to an invalid check for buffer size. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Severity ?
No CVSS data available.
CWE
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:23:10.457Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1956829"
},
{
"name": "[debian-lts-announce] 20210605 [SECURITY] [DLA 2672-1] libwebp security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00005.html"
},
{
"name": "[debian-lts-announce] 20210606 [SECURITY] [DLA 2677-1] libwebp security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00006.html"
},
{
"name": "DSA-4930",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2021/dsa-4930"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT212601"
},
{
"name": "20210723 APPLE-SA-2021-07-21-1 iOS 14.7 and iPadOS 14.7",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2021/Jul/54"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20211112-0001/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "libwebp",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "libwebp 1.0.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in libwebp in versions before 1.0.1. A heap-based buffer overflow in function WebPDecodeRGBInto is possible due to an invalid check for buffer size. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-12T08:06:24",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1956829"
},
{
"name": "[debian-lts-announce] 20210605 [SECURITY] [DLA 2672-1] libwebp security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00005.html"
},
{
"name": "[debian-lts-announce] 20210606 [SECURITY] [DLA 2677-1] libwebp security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00006.html"
},
{
"name": "DSA-4930",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2021/dsa-4930"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/kb/HT212601"
},
{
"name": "20210723 APPLE-SA-2021-07-21-1 iOS 14.7 and iPadOS 14.7",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2021/Jul/54"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20211112-0001/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2020-36328",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "libwebp",
"version": {
"version_data": [
{
"version_value": "libwebp 1.0.1"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A flaw was found in libwebp in versions before 1.0.1. A heap-based buffer overflow in function WebPDecodeRGBInto is possible due to an invalid check for buffer size. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-787"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1956829",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1956829"
},
{
"name": "[debian-lts-announce] 20210605 [SECURITY] [DLA 2672-1] libwebp security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00005.html"
},
{
"name": "[debian-lts-announce] 20210606 [SECURITY] [DLA 2677-1] libwebp security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00006.html"
},
{
"name": "DSA-4930",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2021/dsa-4930"
},
{
"name": "https://support.apple.com/kb/HT212601",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT212601"
},
{
"name": "20210723 APPLE-SA-2021-07-21-1 iOS 14.7 and iPadOS 14.7",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2021/Jul/54"
},
{
"name": "https://security.netapp.com/advisory/ntap-20211112-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20211112-0001/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2020-36328",
"datePublished": "2021-05-21T16:14:21",
"dateReserved": "2021-05-04T00:00:00",
"dateUpdated": "2024-08-04T17:23:10.457Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-9969 (GCVE-0-2016-9969)
Vulnerability from cvelistv5 – Published: 2019-05-23 17:37 – Updated: 2024-08-06 03:07
VLAI?
Summary
In libwebp 0.5.1, there is a double free bug in libwebpmux.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T03:07:31.380Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.chromium.org/p/webp/issues/detail?id=322"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In libwebp 0.5.1, there is a double free bug in libwebpmux."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-23T17:37:54",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.chromium.org/p/webp/issues/detail?id=322"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-9969",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In libwebp 0.5.1, there is a double free bug in libwebpmux."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.chromium.org/p/webp/issues/detail?id=322",
"refsource": "MISC",
"url": "https://bugs.chromium.org/p/webp/issues/detail?id=322"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-9969",
"datePublished": "2019-05-23T17:37:54",
"dateReserved": "2016-12-16T00:00:00",
"dateUpdated": "2024-08-06T03:07:31.380Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-9746 (GCVE-0-2019-9746)
Vulnerability from cvelistv5 – Published: 2019-03-13 16:00 – Updated: 2024-09-16 19:41
VLAI?
Summary
In libwebm before 2019-03-08, a NULL pointer dereference caused by the functions OutputCluster and OutputTracks in webm_info.cc will trigger an abort, which allows a DoS attack, a similar issue to CVE-2018-19212.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T22:01:54.087Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.chromium.org/p/webm/issues/detail?id=1605"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://chromium.googlesource.com/webm/libwebm/+/2427abe0bde234987ed005a3adca461e9a85dfb7"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In libwebm before 2019-03-08, a NULL pointer dereference caused by the functions OutputCluster and OutputTracks in webm_info.cc will trigger an abort, which allows a DoS attack, a similar issue to CVE-2018-19212."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-13T16:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.chromium.org/p/webm/issues/detail?id=1605"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://chromium.googlesource.com/webm/libwebm/+/2427abe0bde234987ed005a3adca461e9a85dfb7"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-9746",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In libwebm before 2019-03-08, a NULL pointer dereference caused by the functions OutputCluster and OutputTracks in webm_info.cc will trigger an abort, which allows a DoS attack, a similar issue to CVE-2018-19212."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.chromium.org/p/webm/issues/detail?id=1605",
"refsource": "MISC",
"url": "https://bugs.chromium.org/p/webm/issues/detail?id=1605"
},
{
"name": "https://chromium.googlesource.com/webm/libwebm/+/2427abe0bde234987ed005a3adca461e9a85dfb7",
"refsource": "MISC",
"url": "https://chromium.googlesource.com/webm/libwebm/+/2427abe0bde234987ed005a3adca461e9a85dfb7"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-9746",
"datePublished": "2019-03-13T16:00:00Z",
"dateReserved": "2019-03-13T00:00:00Z",
"dateUpdated": "2024-09-16T19:41:28.756Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-19212 (GCVE-0-2018-19212)
Vulnerability from cvelistv5 – Published: 2018-11-12 19:00 – Updated: 2024-09-16 21:03
VLAI?
Summary
In libwebm through 2018-10-03, there is an abort caused by libwebm::Webm2Pes::InitWebmParser() that will lead to a DoS attack.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T11:30:04.180Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1644196"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In libwebm through 2018-10-03, there is an abort caused by libwebm::Webm2Pes::InitWebmParser() that will lead to a DoS attack."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-11-12T19:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1644196"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-19212",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In libwebm through 2018-10-03, there is an abort caused by libwebm::Webm2Pes::InitWebmParser() that will lead to a DoS attack."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1644196",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1644196"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-19212",
"datePublished": "2018-11-12T19:00:00Z",
"dateReserved": "2018-11-12T00:00:00Z",
"dateUpdated": "2024-09-16T21:03:30.309Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-6548 (GCVE-0-2018-6548)
Vulnerability from cvelistv5 – Published: 2018-02-02 09:00 – Updated: 2024-08-05 06:10
VLAI?
Summary
A use-after-free issue was discovered in libwebm through 2018-02-02. If a Vp9HeaderParser was initialized once before, its property frame_ would not be changed because of code in vp9parser::Vp9HeaderParser::SetFrame. Its frame_ could be freed while the corresponding pointer would not be updated, leading to a dangling pointer. This is related to the function OutputCluster in webm_info.cc.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:10:10.324Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/dwfault/PoCs/blob/master/libwebm%20Vp9HeaderParser%20UAF%20by%20PrintVP9Info/libwebm%20Vp9HeaderParser%20UAF%20by%20PrintVP9Info.md"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.chromium.org/p/webm/issues/detail?id=1493"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-02-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A use-after-free issue was discovered in libwebm through 2018-02-02. If a Vp9HeaderParser was initialized once before, its property frame_ would not be changed because of code in vp9parser::Vp9HeaderParser::SetFrame. Its frame_ could be freed while the corresponding pointer would not be updated, leading to a dangling pointer. This is related to the function OutputCluster in webm_info.cc."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-02-02T08:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/dwfault/PoCs/blob/master/libwebm%20Vp9HeaderParser%20UAF%20by%20PrintVP9Info/libwebm%20Vp9HeaderParser%20UAF%20by%20PrintVP9Info.md"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.chromium.org/p/webm/issues/detail?id=1493"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-6548",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A use-after-free issue was discovered in libwebm through 2018-02-02. If a Vp9HeaderParser was initialized once before, its property frame_ would not be changed because of code in vp9parser::Vp9HeaderParser::SetFrame. Its frame_ could be freed while the corresponding pointer would not be updated, leading to a dangling pointer. This is related to the function OutputCluster in webm_info.cc."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/dwfault/PoCs/blob/master/libwebm%20Vp9HeaderParser%20UAF%20by%20PrintVP9Info/libwebm%20Vp9HeaderParser%20UAF%20by%20PrintVP9Info.md",
"refsource": "MISC",
"url": "https://github.com/dwfault/PoCs/blob/master/libwebm%20Vp9HeaderParser%20UAF%20by%20PrintVP9Info/libwebm%20Vp9HeaderParser%20UAF%20by%20PrintVP9Info.md"
},
{
"name": "https://bugs.chromium.org/p/webm/issues/detail?id=1493",
"refsource": "MISC",
"url": "https://bugs.chromium.org/p/webm/issues/detail?id=1493"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-6548",
"datePublished": "2018-02-02T09:00:00",
"dateReserved": "2018-02-02T00:00:00",
"dateUpdated": "2024-08-05T06:10:10.324Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-6406 (GCVE-0-2018-6406)
Vulnerability from cvelistv5 – Published: 2018-01-30 21:00 – Updated: 2024-09-17 03:33
VLAI?
Summary
The function ParseVP9SuperFrameIndex in common/libwebm_util.cc in libwebm through 2018-01-30 does not validate the child_frame_length data obtained from a .webm file, which allows remote attackers to cause an information leak or a denial of service (heap-based buffer over-read and later out-of-bounds write), or possibly have unspecified other impact.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:01:49.019Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.chromium.org/p/webm/issues/detail?id=1492"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/dwfault/PoCs/blob/master/libwebm%20ParseVP9SuperFrameIndex%20memory%20corruption/libwebm%20ParseVP9SuperFrameIndex%20OOB%20read.md"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The function ParseVP9SuperFrameIndex in common/libwebm_util.cc in libwebm through 2018-01-30 does not validate the child_frame_length data obtained from a .webm file, which allows remote attackers to cause an information leak or a denial of service (heap-based buffer over-read and later out-of-bounds write), or possibly have unspecified other impact."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-30T21:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.chromium.org/p/webm/issues/detail?id=1492"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/dwfault/PoCs/blob/master/libwebm%20ParseVP9SuperFrameIndex%20memory%20corruption/libwebm%20ParseVP9SuperFrameIndex%20OOB%20read.md"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-6406",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The function ParseVP9SuperFrameIndex in common/libwebm_util.cc in libwebm through 2018-01-30 does not validate the child_frame_length data obtained from a .webm file, which allows remote attackers to cause an information leak or a denial of service (heap-based buffer over-read and later out-of-bounds write), or possibly have unspecified other impact."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.chromium.org/p/webm/issues/detail?id=1492",
"refsource": "MISC",
"url": "https://bugs.chromium.org/p/webm/issues/detail?id=1492"
},
{
"name": "https://github.com/dwfault/PoCs/blob/master/libwebm%20ParseVP9SuperFrameIndex%20memory%20corruption/libwebm%20ParseVP9SuperFrameIndex%20OOB%20read.md",
"refsource": "MISC",
"url": "https://github.com/dwfault/PoCs/blob/master/libwebm%20ParseVP9SuperFrameIndex%20memory%20corruption/libwebm%20ParseVP9SuperFrameIndex%20OOB%20read.md"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-6406",
"datePublished": "2018-01-30T21:00:00Z",
"dateReserved": "2018-01-30T00:00:00Z",
"dateUpdated": "2024-09-17T03:33:34.070Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-9085 (GCVE-0-2016-9085)
Vulnerability from cvelistv5 – Published: 2017-02-03 15:00 – Updated: 2024-08-06 02:42
VLAI?
Summary
Multiple integer overflows in libwebp allows attackers to have unspecified impact via unknown vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:42:10.554Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://chromium.googlesource.com/webm/libwebp/+/e2affacc35f1df6cc3b1a9fa0ceff5ce2d0cce83"
},
{
"name": "93928",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93928"
},
{
"name": "[oss-security] 20161027 Re: CVE requests: some issues in gif2webp",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/10/27/3"
},
{
"name": "FEDORA-2016-160ec6525e",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PTR2ZW67TMT7KC24RBENIF25KWUJ7VPD/"
},
{
"name": "GLSA-201701-61",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201701-61"
},
{
"name": "FEDORA-2016-26ef59f03d",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SH6X3MWD5AHZC5JT4625PGFHAYLR7YW7/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1389338"
},
{
"name": "FEDORA-2016-00d2f5c19f",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LG5Q42J7EJDKQKWTTHCO4YZMOMP74YPQ/"
},
{
"name": "[mina-dev] 20210225 [jira] [Created] (FTPSERVER-500) Security vulnerability in common/lib/log4j-1.2.17.jar",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-10-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple integer overflows in libwebp allows attackers to have unspecified impact via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-02-25T16:06:37",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://chromium.googlesource.com/webm/libwebp/+/e2affacc35f1df6cc3b1a9fa0ceff5ce2d0cce83"
},
{
"name": "93928",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93928"
},
{
"name": "[oss-security] 20161027 Re: CVE requests: some issues in gif2webp",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2016/10/27/3"
},
{
"name": "FEDORA-2016-160ec6525e",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PTR2ZW67TMT7KC24RBENIF25KWUJ7VPD/"
},
{
"name": "GLSA-201701-61",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201701-61"
},
{
"name": "FEDORA-2016-26ef59f03d",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SH6X3MWD5AHZC5JT4625PGFHAYLR7YW7/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1389338"
},
{
"name": "FEDORA-2016-00d2f5c19f",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LG5Q42J7EJDKQKWTTHCO4YZMOMP74YPQ/"
},
{
"name": "[mina-dev] 20210225 [jira] [Created] (FTPSERVER-500) Security vulnerability in common/lib/log4j-1.2.17.jar",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-9085",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple integer overflows in libwebp allows attackers to have unspecified impact via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://chromium.googlesource.com/webm/libwebp/+/e2affacc35f1df6cc3b1a9fa0ceff5ce2d0cce83",
"refsource": "CONFIRM",
"url": "https://chromium.googlesource.com/webm/libwebp/+/e2affacc35f1df6cc3b1a9fa0ceff5ce2d0cce83"
},
{
"name": "93928",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93928"
},
{
"name": "[oss-security] 20161027 Re: CVE requests: some issues in gif2webp",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/10/27/3"
},
{
"name": "FEDORA-2016-160ec6525e",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PTR2ZW67TMT7KC24RBENIF25KWUJ7VPD/"
},
{
"name": "GLSA-201701-61",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201701-61"
},
{
"name": "FEDORA-2016-26ef59f03d",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SH6X3MWD5AHZC5JT4625PGFHAYLR7YW7/"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1389338",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1389338"
},
{
"name": "FEDORA-2016-00d2f5c19f",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LG5Q42J7EJDKQKWTTHCO4YZMOMP74YPQ/"
},
{
"name": "[mina-dev] 20210225 [jira] [Created] (FTPSERVER-500) Security vulnerability in common/lib/log4j-1.2.17.jar",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-9085",
"datePublished": "2017-02-03T15:00:00",
"dateReserved": "2016-10-27T00:00:00",
"dateUpdated": "2024-08-06T02:42:10.554Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-0823 (GCVE-0-2012-0823)
Vulnerability from cvelistv5 – Published: 2012-02-23 19:00 – Updated: 2024-08-06 18:38
VLAI?
Summary
VP8 Codec SDK (libvpx) before 1.0.0 "Duclair" allows remote attackers to cause a denial of service (application crash) via (1) unspecified "corrupt input" or (2) by "starting decoding from a P-frame," which triggers an out-of-bounds read, related to "the clamping of motion vectors in SPLITMV blocks".
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:38:14.724Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "51775",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/51775"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://code.google.com/p/webm/source/browse/CHANGELOG?repo=libvpx"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://blog.webmproject.org/2012/01/vp8-codec-sdk-duclair-released.html"
},
{
"name": "[oss-security] 20120129 Re: (maybe) CVE request: libvpx before 1.0 crasher",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/01/30/2"
},
{
"name": "MDVSA-2012:023",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:023"
},
{
"name": "[oss-security] 20120128 (maybe) CVE request: libvpx before 1.0 crasher",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/01/28/4"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-01-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "VP8 Codec SDK (libvpx) before 1.0.0 \"Duclair\" allows remote attackers to cause a denial of service (application crash) via (1) unspecified \"corrupt input\" or (2) by \"starting decoding from a P-frame,\" which triggers an out-of-bounds read, related to \"the clamping of motion vectors in SPLITMV blocks\"."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-03-21T09:00:00",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "51775",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/51775"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://code.google.com/p/webm/source/browse/CHANGELOG?repo=libvpx"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://blog.webmproject.org/2012/01/vp8-codec-sdk-duclair-released.html"
},
{
"name": "[oss-security] 20120129 Re: (maybe) CVE request: libvpx before 1.0 crasher",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/01/30/2"
},
{
"name": "MDVSA-2012:023",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:023"
},
{
"name": "[oss-security] 20120128 (maybe) CVE request: libvpx before 1.0 crasher",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/01/28/4"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-0823",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "VP8 Codec SDK (libvpx) before 1.0.0 \"Duclair\" allows remote attackers to cause a denial of service (application crash) via (1) unspecified \"corrupt input\" or (2) by \"starting decoding from a P-frame,\" which triggers an out-of-bounds read, related to \"the clamping of motion vectors in SPLITMV blocks\"."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "51775",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/51775"
},
{
"name": "http://code.google.com/p/webm/source/browse/CHANGELOG?repo=libvpx",
"refsource": "CONFIRM",
"url": "http://code.google.com/p/webm/source/browse/CHANGELOG?repo=libvpx"
},
{
"name": "http://blog.webmproject.org/2012/01/vp8-codec-sdk-duclair-released.html",
"refsource": "CONFIRM",
"url": "http://blog.webmproject.org/2012/01/vp8-codec-sdk-duclair-released.html"
},
{
"name": "[oss-security] 20120129 Re: (maybe) CVE request: libvpx before 1.0 crasher",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/01/30/2"
},
{
"name": "MDVSA-2012:023",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:023"
},
{
"name": "[oss-security] 20120128 (maybe) CVE request: libvpx before 1.0 crasher",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/01/28/4"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-0823",
"datePublished": "2012-02-23T19:00:00",
"dateReserved": "2012-01-19T00:00:00",
"dateUpdated": "2024-08-06T18:38:14.724Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-4203 (GCVE-0-2010-4203)
Vulnerability from cvelistv5 – Published: 2010-11-05 22:00 – Updated: 2024-08-07 03:34
VLAI?
Summary
WebM libvpx (aka the VP8 Codec SDK) before 0.9.5, as used in Google Chrome before 7.0.517.44, allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via invalid frames.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:34:37.749Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "42690",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42690"
},
{
"name": "oval:org.mitre.oval:def:12198",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12198"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://googlechromereleases.blogspot.com/2010/11/stable-channel-update.html"
},
{
"name": "GLSA-201101-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201101-03.xml"
},
{
"name": "RHSA-2010:0999",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://rhn.redhat.com/errata/RHSA-2010-0999.html"
},
{
"name": "42109",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42109"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://review.webmproject.org/gitweb?p=libvpx.git%3Ba=blob%3Bf=CHANGELOG"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://code.google.com/p/chromium/issues/detail?id=60055"
},
{
"name": "42118",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42118"
},
{
"name": "ADV-2011-0115",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0115"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://review.webmproject.org/gitweb?p=libvpx.git%3Ba=commit%3Bh=09bcc1f710ea65dc158639479288fb1908ff0c53"
},
{
"name": "42908",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42908"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-11-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "WebM libvpx (aka the VP8 Codec SDK) before 0.9.5, as used in Google Chrome before 7.0.517.44, allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via invalid frames."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-18T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "42690",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42690"
},
{
"name": "oval:org.mitre.oval:def:12198",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12198"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://googlechromereleases.blogspot.com/2010/11/stable-channel-update.html"
},
{
"name": "GLSA-201101-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201101-03.xml"
},
{
"name": "RHSA-2010:0999",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://rhn.redhat.com/errata/RHSA-2010-0999.html"
},
{
"name": "42109",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42109"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://review.webmproject.org/gitweb?p=libvpx.git%3Ba=blob%3Bf=CHANGELOG"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://code.google.com/p/chromium/issues/detail?id=60055"
},
{
"name": "42118",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42118"
},
{
"name": "ADV-2011-0115",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0115"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://review.webmproject.org/gitweb?p=libvpx.git%3Ba=commit%3Bh=09bcc1f710ea65dc158639479288fb1908ff0c53"
},
{
"name": "42908",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42908"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4203",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "WebM libvpx (aka the VP8 Codec SDK) before 0.9.5, as used in Google Chrome before 7.0.517.44, allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via invalid frames."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "42690",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42690"
},
{
"name": "oval:org.mitre.oval:def:12198",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12198"
},
{
"name": "http://googlechromereleases.blogspot.com/2010/11/stable-channel-update.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2010/11/stable-channel-update.html"
},
{
"name": "GLSA-201101-03",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201101-03.xml"
},
{
"name": "RHSA-2010:0999",
"refsource": "REDHAT",
"url": "https://rhn.redhat.com/errata/RHSA-2010-0999.html"
},
{
"name": "42109",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42109"
},
{
"name": "http://review.webmproject.org/gitweb?p=libvpx.git;a=blob;f=CHANGELOG",
"refsource": "CONFIRM",
"url": "http://review.webmproject.org/gitweb?p=libvpx.git;a=blob;f=CHANGELOG"
},
{
"name": "http://code.google.com/p/chromium/issues/detail?id=60055",
"refsource": "CONFIRM",
"url": "http://code.google.com/p/chromium/issues/detail?id=60055"
},
{
"name": "42118",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42118"
},
{
"name": "ADV-2011-0115",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0115"
},
{
"name": "http://review.webmproject.org/gitweb?p=libvpx.git;a=commit;h=09bcc1f710ea65dc158639479288fb1908ff0c53",
"refsource": "CONFIRM",
"url": "http://review.webmproject.org/gitweb?p=libvpx.git;a=commit;h=09bcc1f710ea65dc158639479288fb1908ff0c53"
},
{
"name": "42908",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42908"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-4203",
"datePublished": "2010-11-05T22:00:00",
"dateReserved": "2010-11-05T00:00:00",
"dateUpdated": "2024-08-07T03:34:37.749Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}