Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2018-25014 (GCVE-0-2018-25014)
Vulnerability from cvelistv5 – Published: 2021-05-21 16:27 – Updated: 2024-08-05 12:26
VLAI
EPSS
Summary
A use of uninitialized value was found in libwebp in versions before 1.0.1 in ReadSymbol().
Severity
No CVSS data available.
CWE
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=1956927 | x_refsource_MISC |
| https://bugs.chromium.org/p/oss-fuzz/issues/detai… | x_refsource_MISC |
| https://chromium.googlesource.com/webm/libwebp/+l… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T12:26:39.521Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1956927"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9496"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://chromium.googlesource.com/webm/libwebp/+log/78ad57a36ad69a9c22874b182d49d64125c380f2..907208f97ead639bd52"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "libwebp",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "libwebp 1.0.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A use of uninitialized value was found in libwebp in versions before 1.0.1 in ReadSymbol()."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-908",
"description": "CWE-908",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-05T15:23:22.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1956927"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9496"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://chromium.googlesource.com/webm/libwebp/+log/78ad57a36ad69a9c22874b182d49d64125c380f2..907208f97ead639bd52"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2018-25014",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "libwebp",
"version": {
"version_data": [
{
"version_value": "libwebp 1.0.1"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A use of uninitialized value was found in libwebp in versions before 1.0.1 in ReadSymbol()."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-908"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1956927",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1956927"
},
{
"name": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9496",
"refsource": "MISC",
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9496"
},
{
"name": "https://chromium.googlesource.com/webm/libwebp/+log/78ad57a36ad69a9c22874b182d49d64125c380f2..907208f97ead639bd52",
"refsource": "MISC",
"url": "https://chromium.googlesource.com/webm/libwebp/+log/78ad57a36ad69a9c22874b182d49d64125c380f2..907208f97ead639bd52"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2018-25014",
"datePublished": "2021-05-21T16:27:57.000Z",
"dateReserved": "2021-05-04T00:00:00.000Z",
"dateUpdated": "2024-08-05T12:26:39.521Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2018-25014",
"date": "2026-05-25",
"epss": "0.00442",
"percentile": "0.6348"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:webmproject:libwebp:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1.0.1\", \"matchCriteriaId\": \"97062C06-0227-489B-8E3C-B62050B69C41\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"142AD0DD-4CF3-4D74-9442-459CE3347E3A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F4CFF558-3C47-480D-A2F0-BABF26042943\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"A use of uninitialized value was found in libwebp in versions before 1.0.1 in ReadSymbol().\"}, {\"lang\": \"es\", \"value\": \"Se encontr\\u00f3 un uso de valor no inicializado en libwebp en versiones anteriores a la 1.0.1 en ReadSymbol()\"}]",
"id": "CVE-2018-25014",
"lastModified": "2024-11-21T04:03:21.413",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:P/A:P\", \"baseScore\": 7.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2021-05-21T17:15:08.203",
"references": "[{\"url\": \"https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9496\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=1956927\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Issue Tracking\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://chromium.googlesource.com/webm/libwebp/+log/78ad57a36ad69a9c22874b182d49d64125c380f2..907208f97ead639bd52\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9496\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=1956927\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://chromium.googlesource.com/webm/libwebp/+log/78ad57a36ad69a9c22874b182d49d64125c380f2..907208f97ead639bd52\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}]",
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"secalert@redhat.com\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-908\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-908\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2018-25014\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2021-05-21T17:15:08.203\",\"lastModified\":\"2024-11-21T04:03:21.413\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A use of uninitialized value was found in libwebp in versions before 1.0.1 in ReadSymbol().\"},{\"lang\":\"es\",\"value\":\"Se encontr\u00f3 un uso de valor no inicializado en libwebp en versiones anteriores a la 1.0.1 en ReadSymbol()\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-908\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-908\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:webmproject:libwebp:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.1\",\"matchCriteriaId\":\"97062C06-0227-489B-8E3C-B62050B69C41\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"142AD0DD-4CF3-4D74-9442-459CE3347E3A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F4CFF558-3C47-480D-A2F0-BABF26042943\"}]}]}],\"references\":[{\"url\":\"https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9496\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1956927\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://chromium.googlesource.com/webm/libwebp/+log/78ad57a36ad69a9c22874b182d49d64125c380f2..907208f97ead639bd52\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9496\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1956927\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://chromium.googlesource.com/webm/libwebp/+log/78ad57a36ad69a9c22874b182d49d64125c380f2..907208f97ead639bd52\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
}
}
CERTFR-2021-AVI-562
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Apple. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "iPadOS versions ant\u00e9rieures \u00e0 14.7",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "macOS Catalina versions ant\u00e9rieures \u00e0 2021-004",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "iOS versions ant\u00e9rieures \u00e0 14.7",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "macOS Big Sur versions ant\u00e9rieures \u00e0 11.5",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "macOS Mojave versions ant\u00e9rieures \u00e0 2021-005",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2021-30784",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30784"
},
{
"name": "CVE-2021-30799",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30799"
},
{
"name": "CVE-2021-30672",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30672"
},
{
"name": "CVE-2021-30765",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30765"
},
{
"name": "CVE-2021-30731",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30731"
},
{
"name": "CVE-2021-30792",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30792"
},
{
"name": "CVE-2018-25014",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-25014"
},
{
"name": "CVE-2021-30787",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30787"
},
{
"name": "CVE-2021-30782",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30782"
},
{
"name": "CVE-2021-30800",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30800"
},
{
"name": "CVE-2021-30733",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30733"
},
{
"name": "CVE-2021-30766",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30766"
},
{
"name": "CVE-2018-25011",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-25011"
},
{
"name": "CVE-2021-30774",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30774"
},
{
"name": "CVE-2021-30778",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30778"
},
{
"name": "CVE-2021-30763",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30763"
},
{
"name": "CVE-2021-30776",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30776"
},
{
"name": "CVE-2021-30677",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30677"
},
{
"name": "CVE-2021-30775",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30775"
},
{
"name": "CVE-2021-30789",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30789"
},
{
"name": "CVE-2021-30759",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30759"
},
{
"name": "CVE-2018-25010",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-25010"
},
{
"name": "CVE-2021-30748",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30748"
},
{
"name": "CVE-2021-30796",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30796"
},
{
"name": "CVE-2021-30791",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30791"
},
{
"name": "CVE-2021-30770",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30770"
},
{
"name": "CVE-2021-30797",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30797"
},
{
"name": "CVE-2021-30788",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30788"
},
{
"name": "CVE-2021-30790",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30790"
},
{
"name": "CVE-2021-30703",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30703"
},
{
"name": "CVE-2021-30772",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30772"
},
{
"name": "CVE-2021-30781",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30781"
},
{
"name": "CVE-2021-30773",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30773"
},
{
"name": "CVE-2020-36328",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36328"
},
{
"name": "CVE-2021-30758",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30758"
},
{
"name": "CVE-2021-30803",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30803"
},
{
"name": "CVE-2021-30798",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30798"
},
{
"name": "CVE-2021-30769",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30769"
},
{
"name": "CVE-2021-30760",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30760"
},
{
"name": "CVE-2021-30785",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30785"
},
{
"name": "CVE-2021-30780",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30780"
},
{
"name": "CVE-2020-36330",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36330"
},
{
"name": "CVE-2021-30793",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30793"
},
{
"name": "CVE-2021-30779",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30779"
},
{
"name": "CVE-2021-30805",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30805"
},
{
"name": "CVE-2021-30786",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30786"
},
{
"name": "CVE-2020-36329",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36329"
},
{
"name": "CVE-2021-30804",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30804"
},
{
"name": "CVE-2021-30795",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30795"
},
{
"name": "CVE-2021-30777",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30777"
},
{
"name": "CVE-2020-36331",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36331"
},
{
"name": "CVE-2021-30768",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30768"
},
{
"name": "CVE-2021-30802",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30802"
},
{
"name": "CVE-2021-3518",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3518"
},
{
"name": "CVE-2021-30783",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30783"
}
],
"links": [],
"reference": "CERTFR-2021-AVI-562",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2021-07-22T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Apple.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service et un\ncontournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Apple",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT212601 du 21 juillet 2021",
"url": "https://support.apple.com/en-us/HT212601"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT212600 du 21 juillet 2021",
"url": "https://support.apple.com/en-us/HT212600"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT212602 du 21 juillet 2021",
"url": "https://support.apple.com/en-us/HT212602"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT212603 du 21 juillet 2021",
"url": "https://support.apple.com/en-us/HT212603"
}
]
}
CERTFR-2021-AVI-562
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Apple. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "iPadOS versions ant\u00e9rieures \u00e0 14.7",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "macOS Catalina versions ant\u00e9rieures \u00e0 2021-004",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "iOS versions ant\u00e9rieures \u00e0 14.7",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "macOS Big Sur versions ant\u00e9rieures \u00e0 11.5",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "macOS Mojave versions ant\u00e9rieures \u00e0 2021-005",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2021-30784",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30784"
},
{
"name": "CVE-2021-30799",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30799"
},
{
"name": "CVE-2021-30672",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30672"
},
{
"name": "CVE-2021-30765",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30765"
},
{
"name": "CVE-2021-30731",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30731"
},
{
"name": "CVE-2021-30792",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30792"
},
{
"name": "CVE-2018-25014",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-25014"
},
{
"name": "CVE-2021-30787",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30787"
},
{
"name": "CVE-2021-30782",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30782"
},
{
"name": "CVE-2021-30800",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30800"
},
{
"name": "CVE-2021-30733",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30733"
},
{
"name": "CVE-2021-30766",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30766"
},
{
"name": "CVE-2018-25011",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-25011"
},
{
"name": "CVE-2021-30774",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30774"
},
{
"name": "CVE-2021-30778",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30778"
},
{
"name": "CVE-2021-30763",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30763"
},
{
"name": "CVE-2021-30776",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30776"
},
{
"name": "CVE-2021-30677",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30677"
},
{
"name": "CVE-2021-30775",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30775"
},
{
"name": "CVE-2021-30789",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30789"
},
{
"name": "CVE-2021-30759",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30759"
},
{
"name": "CVE-2018-25010",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-25010"
},
{
"name": "CVE-2021-30748",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30748"
},
{
"name": "CVE-2021-30796",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30796"
},
{
"name": "CVE-2021-30791",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30791"
},
{
"name": "CVE-2021-30770",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30770"
},
{
"name": "CVE-2021-30797",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30797"
},
{
"name": "CVE-2021-30788",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30788"
},
{
"name": "CVE-2021-30790",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30790"
},
{
"name": "CVE-2021-30703",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30703"
},
{
"name": "CVE-2021-30772",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30772"
},
{
"name": "CVE-2021-30781",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30781"
},
{
"name": "CVE-2021-30773",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30773"
},
{
"name": "CVE-2020-36328",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36328"
},
{
"name": "CVE-2021-30758",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30758"
},
{
"name": "CVE-2021-30803",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30803"
},
{
"name": "CVE-2021-30798",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30798"
},
{
"name": "CVE-2021-30769",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30769"
},
{
"name": "CVE-2021-30760",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30760"
},
{
"name": "CVE-2021-30785",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30785"
},
{
"name": "CVE-2021-30780",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30780"
},
{
"name": "CVE-2020-36330",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36330"
},
{
"name": "CVE-2021-30793",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30793"
},
{
"name": "CVE-2021-30779",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30779"
},
{
"name": "CVE-2021-30805",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30805"
},
{
"name": "CVE-2021-30786",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30786"
},
{
"name": "CVE-2020-36329",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36329"
},
{
"name": "CVE-2021-30804",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30804"
},
{
"name": "CVE-2021-30795",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30795"
},
{
"name": "CVE-2021-30777",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30777"
},
{
"name": "CVE-2020-36331",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36331"
},
{
"name": "CVE-2021-30768",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30768"
},
{
"name": "CVE-2021-30802",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30802"
},
{
"name": "CVE-2021-3518",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3518"
},
{
"name": "CVE-2021-30783",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30783"
}
],
"links": [],
"reference": "CERTFR-2021-AVI-562",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2021-07-22T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Apple.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service et un\ncontournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Apple",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT212601 du 21 juillet 2021",
"url": "https://support.apple.com/en-us/HT212601"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT212600 du 21 juillet 2021",
"url": "https://support.apple.com/en-us/HT212600"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT212602 du 21 juillet 2021",
"url": "https://support.apple.com/en-us/HT212602"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT212603 du 21 juillet 2021",
"url": "https://support.apple.com/en-us/HT212603"
}
]
}
alsa-2021:4231
Vulnerability from osv_almalinux
Published
2021-11-09 08:47
Modified
2021-11-12 10:20
Summary
Moderate: libwebp security update
Details
The libwebp packages provide a library and tools for the WebP graphics format. WebP is an image format with a lossy compression of digital photographic images. WebP consists of a codec based on the VP8 format, and a container based on the Resource Interchange File Format (RIFF). Webmasters, web developers and browser developers can use WebP to compress, archive, and distribute digital images more efficiently.
Security Fix(es):
-
libwebp: out-of-bounds read in WebPMuxCreateInternal (CVE-2018-25009)
-
libwebp: out-of-bounds read in ApplyFilter() (CVE-2018-25010)
-
libwebp: out-of-bounds read in WebPMuxCreateInternal() (CVE-2018-25012)
-
libwebp: out-of-bounds read in ShiftBytes() (CVE-2018-25013)
-
libwebp: use of uninitialized value in ReadSymbol() (CVE-2018-25014)
-
libwebp: out-of-bounds read in ChunkVerifyAndAssign() in mux/muxread.c (CVE-2020-36330)
-
libwebp: out-of-bounds read in ChunkAssignData() in mux/muxinternal.c (CVE-2020-36331)
-
libwebp: excessive memory allocation when reading a file (CVE-2020-36332)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.
References
{
"affected": [
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libwebp"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.0.0-5.el8"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:8",
"name": "libwebp-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.0.0-5.el8"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"details": "The libwebp packages provide a library and tools for the WebP graphics format. WebP is an image format with a lossy compression of digital photographic images. WebP consists of a codec based on the VP8 format, and a container based on the Resource Interchange File Format (RIFF). Webmasters, web developers and browser developers can use WebP to compress, archive, and distribute digital images more efficiently.\n\nSecurity Fix(es):\n\n* libwebp: out-of-bounds read in WebPMuxCreateInternal (CVE-2018-25009)\n\n* libwebp: out-of-bounds read in ApplyFilter() (CVE-2018-25010)\n\n* libwebp: out-of-bounds read in WebPMuxCreateInternal() (CVE-2018-25012)\n\n* libwebp: out-of-bounds read in ShiftBytes() (CVE-2018-25013)\n\n* libwebp: use of uninitialized value in ReadSymbol() (CVE-2018-25014)\n\n* libwebp: out-of-bounds read in ChunkVerifyAndAssign() in mux/muxread.c (CVE-2020-36330)\n\n* libwebp: out-of-bounds read in ChunkAssignData() in mux/muxinternal.c (CVE-2020-36331)\n\n* libwebp: excessive memory allocation when reading a file (CVE-2020-36332)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.",
"id": "ALSA-2021:4231",
"modified": "2021-11-12T10:20:56Z",
"published": "2021-11-09T08:47:24Z",
"references": [
{
"type": "ADVISORY",
"url": "https://errata.almalinux.org/8/ALSA-2021-4231.html"
},
{
"type": "REPORT",
"url": "https://vulners.com/cve/CVE-2018-25009"
},
{
"type": "REPORT",
"url": "https://vulners.com/cve/CVE-2018-25010"
},
{
"type": "REPORT",
"url": "https://vulners.com/cve/CVE-2018-25012"
},
{
"type": "REPORT",
"url": "https://vulners.com/cve/CVE-2018-25013"
},
{
"type": "REPORT",
"url": "https://vulners.com/cve/CVE-2018-25014"
},
{
"type": "REPORT",
"url": "https://vulners.com/cve/CVE-2020-36330"
},
{
"type": "REPORT",
"url": "https://vulners.com/cve/CVE-2020-36331"
},
{
"type": "REPORT",
"url": "https://vulners.com/cve/CVE-2020-36332"
}
],
"related": [
"CVE-2018-25009",
"CVE-2018-25010",
"CVE-2018-25012",
"CVE-2018-25013",
"CVE-2018-25014",
"CVE-2020-36330",
"CVE-2020-36331",
"CVE-2020-36332"
],
"summary": "Moderate: libwebp security update"
}
BDU:2021-03106
Vulnerability from fstec - Published: 07.06.2021
VLAI
Title
Уязвимость библиотеки libwebp для кодирования и декодирования изображений в формате WebP, связанная с использованием неинициализированной переменной, позволяющая нарушителю выполнить произвольный код
Description
Уязвимость библиотеки libwebp для кодирования и декодирования изображений в формате WebP связана с использованием неинициализированной переменной. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, выполнить произвольный код
Severity
Vendor
ООО «РусБИТех-Астра», ООО «Ред Софт», Google Inc, АО «НТЦ ИТ РОСА», АО "НППКТ", АО «Концерн ВНИИНС»
Software Name
Astra Linux Special Edition (запись в едином реестре российских программ №369), РЕД ОС (запись в едином реестре российских программ №3751), Astra Linux Special Edition для «Эльбрус» (запись в едином реестре российских программ №11156), libwebp, ROSA Virtualization (запись в едином реестре российских программ №5091), ОСОН ОСнова Оnyx (запись в едином реестре российских программ №5913), ОС ОН «Стрелец» (запись в едином реестре российских программ №6177), ROSA Virtualization 3.0 (запись в едином реестре российских программ №21308)
Software Version
1.6 «Смоленск» (Astra Linux Special Edition), 7.2 Муром (РЕД ОС), 8.1 «Ленинград» (Astra Linux Special Edition для «Эльбрус»), от 0.1.2 до 1.0.1 rc2 (libwebp), 1.7 (Astra Linux Special Edition), 4.7 (Astra Linux Special Edition), 2.1 (ROSA Virtualization), до 2.8 (ОСОН ОСнова Оnyx), до 16.01.2023 (ОС ОН «Стрелец»), 3.0 (ROSA Virtualization 3.0)
Possible Mitigations
Использование рекомендаций:
Для РедОС:
http://repo.red-soft.ru/redos/7.2c/x86_64/updates/
Для libwebp:
https://chromium.googlesource.com/webm/libwebp/+log/78ad57a36ad69a9c22874b182d49d64125c380f2..907208f97ead639bd521cf355a2f203f462eade6
Для Astra Linux:
Использование рекомендаций производителя:
https://wiki.astralinux.ru/astra-linux-se16-bulletin-20211008SE16
https://wiki.astralinux.ru/astra-linux-se17-bulletin-2021-1126SE17
https://wiki.astralinux.ru/astra-linux-se47-bulletin-2022-0114SE47
Для системы управления средой виртуализации «ROSA Virtualization»:
https://abf.rosalinux.ru/advisories/ROSA-SA-2023-2183
Для ОСОН ОСнова Оnyx:
Обновление программного обеспечения libwebp до версии 0.6.1+repack-2+deb10u2.osnova1
Для Astra Linux Special Edition для «Эльбрус» 8.1 «Ленинград»:
обновить пакет libwebp до 0.6.1-2+deb10u3 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se81-bulletin-20230315SE81
Для ОС ОН «Стрелец»:
Обновление программного обеспечения libwebp до версии 0.5.2-1+deb9u1
Для программной системы управления средой виртуализации с подсистемой безагентного резервного копирования виртуальных машин «ROSA Virtualization 3.0»: https://abf.rosa.ru/advisories/ROSA-SA-2025-2684
Reference
http://repo.red-soft.ru/redos/7.2c/x86_64/updates/
https://www.cybersecurity-help.cz/vdb/SB2021060725
https://www.securitylab.ru/vulnerability/520950.php
https://chromium.googlesource.com/webm/libwebp/+log/78ad57a36ad69a9c22874b182d49d64125c380f2..907208f97ead639bd521cf355a2f203f462eade6
https://wiki.astralinux.ru/astra-linux-se16-bulletin-20211008SE16
https://wiki.astralinux.ru/astra-linux-se17-bulletin-2021-1126SE17
https://wiki.astralinux.ru/astra-linux-se47-bulletin-2022-0114SE47
https://abf.rosalinux.ru/advisories/ROSA-SA-2023-2183
https://поддержка.нппкт.рф/bin/view/ОСнова/Обновления/2.8/
https://wiki.astralinux.ru/astra-linux-se81-bulletin-20230315SE81
https://strelets.net/patchi-i-obnovleniya-bezopasnosti#16012023
https://abf.rosa.ru/advisories/ROSA-SA-2025-2684
CWE
CWE-457
{
"CVSS 2.0": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS 3.0": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CVSS 4.0": null,
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "\u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb, \u041e\u041e\u041e \u00ab\u0420\u0435\u0434 \u0421\u043e\u0444\u0442\u00bb, Google Inc, \u0410\u041e \u00ab\u041d\u0422\u0426 \u0418\u0422 \u0420\u041e\u0421\u0410\u00bb, \u0410\u041e \"\u041d\u041f\u041f\u041a\u0422\", \u0410\u041e \u00ab\u041a\u043e\u043d\u0446\u0435\u0440\u043d \u0412\u041d\u0418\u0418\u041d\u0421\u00bb",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "1.6 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb (Astra Linux Special Edition), 7.2 \u041c\u0443\u0440\u043e\u043c (\u0420\u0415\u0414 \u041e\u0421), 8.1 \u00ab\u041b\u0435\u043d\u0438\u043d\u0433\u0440\u0430\u0434\u00bb (Astra Linux Special Edition \u0434\u043b\u044f \u00ab\u042d\u043b\u044c\u0431\u0440\u0443\u0441\u00bb), \u043e\u0442 0.1.2 \u0434\u043e 1.0.1 rc2 (libwebp), 1.7 (Astra Linux Special Edition), 4.7 (Astra Linux Special Edition), 2.1 (ROSA Virtualization), \u0434\u043e 2.8 (\u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx), \u0434\u043e 16.01.2023 (\u041e\u0421 \u041e\u041d \u00ab\u0421\u0442\u0440\u0435\u043b\u0435\u0446\u00bb), 3.0 (ROSA Virtualization 3.0)",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\n\u0414\u043b\u044f \u0420\u0435\u0434\u041e\u0421:\nhttp://repo.red-soft.ru/redos/7.2c/x86_64/updates/\n\n\u0414\u043b\u044f libwebp:\nhttps://chromium.googlesource.com/webm/libwebp/+log/78ad57a36ad69a9c22874b182d49d64125c380f2..907208f97ead639bd521cf355a2f203f462eade6\n\n\u0414\u043b\u044f Astra Linux:\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: \nhttps://wiki.astralinux.ru/astra-linux-se16-bulletin-20211008SE16\nhttps://wiki.astralinux.ru/astra-linux-se17-bulletin-2021-1126SE17\nhttps://wiki.astralinux.ru/astra-linux-se47-bulletin-2022-0114SE47\n\n\u0414\u043b\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0441\u0440\u0435\u0434\u043e\u0439 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u00abROSA Virtualization\u00bb: \nhttps://abf.rosalinux.ru/advisories/ROSA-SA-2023-2183\n\n\u0414\u043b\u044f \u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx:\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f libwebp \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 0.6.1+repack-2+deb10u2.osnova1\n\n\u0414\u043b\u044f Astra Linux Special Edition \u0434\u043b\u044f \u00ab\u042d\u043b\u044c\u0431\u0440\u0443\u0441\u00bb 8.1 \u00ab\u041b\u0435\u043d\u0438\u043d\u0433\u0440\u0430\u0434\u00bb:\n\u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 libwebp \u0434\u043e 0.6.1-2+deb10u3 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se81-bulletin-20230315SE81\n\n\u0414\u043b\u044f \u041e\u0421 \u041e\u041d \u00ab\u0421\u0442\u0440\u0435\u043b\u0435\u0446\u00bb:\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f libwebp \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 0.5.2-1+deb9u1\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0441\u0440\u0435\u0434\u043e\u0439 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u0441 \u043f\u043e\u0434\u0441\u0438\u0441\u0442\u0435\u043c\u043e\u0439 \u0431\u0435\u0437\u0430\u0433\u0435\u043d\u0442\u043d\u043e\u0433\u043e \u0440\u0435\u0437\u0435\u0440\u0432\u043d\u043e\u0433\u043e \u043a\u043e\u043f\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0445 \u043c\u0430\u0448\u0438\u043d \u00abROSA Virtualization 3.0\u00bb: https://abf.rosa.ru/advisories/ROSA-SA-2025-2684",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "07.06.2021",
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "19.03.2025",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "18.06.2021",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2021-03106",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2018-25014",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Astra Linux Special Edition (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), \u0420\u0415\u0414 \u041e\u0421 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21163751), Astra Linux Special Edition \u0434\u043b\u044f \u00ab\u042d\u043b\u044c\u0431\u0440\u0443\u0441\u00bb (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u211611156), libwebp, ROSA Virtualization (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21165091), \u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21165913), \u041e\u0421 \u041e\u041d \u00ab\u0421\u0442\u0440\u0435\u043b\u0435\u0446\u00bb (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21166177), ROSA Virtualization 3.0 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u211621308)",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "\u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 1.6 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), \u041e\u041e\u041e \u00ab\u0420\u0435\u0434 \u0421\u043e\u0444\u0442\u00bb \u0420\u0415\u0414 \u041e\u0421 7.2 \u041c\u0443\u0440\u043e\u043c (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21163751), \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition \u0434\u043b\u044f \u00ab\u042d\u043b\u044c\u0431\u0440\u0443\u0441\u00bb 8.1 \u00ab\u041b\u0435\u043d\u0438\u043d\u0433\u0440\u0430\u0434\u00bb (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u211611156), \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 1.7 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 4.7 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), \u0410\u041e \u00ab\u041d\u0422\u0426 \u0418\u0422 \u0420\u041e\u0421\u0410\u00bb ROSA Virtualization 2.1 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21165091), \u0410\u041e \"\u041d\u041f\u041f\u041a\u0422\" \u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx \u0434\u043e 2.8 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21165913), \u0410\u041e \u00ab\u041a\u043e\u043d\u0446\u0435\u0440\u043d \u0412\u041d\u0418\u0418\u041d\u0421\u00bb \u041e\u0421 \u041e\u041d \u00ab\u0421\u0442\u0440\u0435\u043b\u0435\u0446\u00bb \u0434\u043e 16.01.2023 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21166177), \u0410\u041e \u00ab\u041d\u0422\u0426 \u0418\u0422 \u0420\u041e\u0421\u0410\u00bb ROSA Virtualization 3.0 3.0 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u211621308)",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0438 libwebp \u0434\u043b\u044f \u043a\u043e\u0434\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0438 \u0434\u0435\u043a\u043e\u0434\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0438\u0437\u043e\u0431\u0440\u0430\u0436\u0435\u043d\u0438\u0439 \u0432 \u0444\u043e\u0440\u043c\u0430\u0442\u0435 WebP, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u043d\u0435\u0438\u043d\u0438\u0446\u0438\u0430\u043b\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0439 \u043f\u0435\u0440\u0435\u043c\u0435\u043d\u043d\u043e\u0439, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u043d\u0435\u0438\u043d\u0438\u0446\u0438\u0430\u043b\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0439 \u043f\u0435\u0440\u0435\u043c\u0435\u043d\u043d\u043e\u0439 (CWE-457)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0438 libwebp \u0434\u043b\u044f \u043a\u043e\u0434\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0438 \u0434\u0435\u043a\u043e\u0434\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0438\u0437\u043e\u0431\u0440\u0430\u0436\u0435\u043d\u0438\u0439 \u0432 \u0444\u043e\u0440\u043c\u0430\u0442\u0435 WebP \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u043d\u0435\u0438\u043d\u0438\u0446\u0438\u0430\u043b\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0439 \u043f\u0435\u0440\u0435\u043c\u0435\u043d\u043d\u043e\u0439. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c\u0438",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "http://repo.red-soft.ru/redos/7.2c/x86_64/updates/\nhttps://www.cybersecurity-help.cz/vdb/SB2021060725\nhttps://www.securitylab.ru/vulnerability/520950.php\nhttps://chromium.googlesource.com/webm/libwebp/+log/78ad57a36ad69a9c22874b182d49d64125c380f2..907208f97ead639bd521cf355a2f203f462eade6\nhttps://wiki.astralinux.ru/astra-linux-se16-bulletin-20211008SE16\nhttps://wiki.astralinux.ru/astra-linux-se17-bulletin-2021-1126SE17\nhttps://wiki.astralinux.ru/astra-linux-se47-bulletin-2022-0114SE47\nhttps://abf.rosalinux.ru/advisories/ROSA-SA-2023-2183\nhttps://\u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0430.\u043d\u043f\u043f\u043a\u0442.\u0440\u0444/bin/view/\u041e\u0421\u043d\u043e\u0432\u0430/\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f/2.8/\nhttps://wiki.astralinux.ru/astra-linux-se81-bulletin-20230315SE81\nhttps://strelets.net/patchi-i-obnovleniya-bezopasnosti#16012023\nhttps://abf.rosa.ru/advisories/ROSA-SA-2025-2684",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
"\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-457",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 10)\n\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 8,8)"
}
CNVD-2021-37660
Vulnerability from cnvd - Published: 2021-05-28
VLAI
Title
Libwebp未初始化变量使用漏洞
Description
Libwebp是一个WebP图像格式的编码和解码库。
Libwebp 1.0.1之前的版本存在安全漏洞。该漏洞源于ReadSymbol函数中使用了一个单独的变量。攻击者可利用漏洞威胁数据机密性和完整性以及系统可用性。
Severity
高
Patch Name
Libwebp未初始化变量使用漏洞的补丁
Patch Description
Libwebp是一个WebP图像格式的编码和解码库。
Libwebp 1.0.1之前的版本存在安全漏洞。该漏洞源于ReadSymbol函数中使用了一个单独的变量。攻击者可利用漏洞威胁数据机密性和完整性以及系统可用性。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
目前厂商已发布升级补丁以修复漏洞,补丁获取链接: https://bugzilla.redhat.com/show_bug.cgi?id=1956927
Reference
https://nvd.nist.gov/vuln/detail/CVE-2018-25014
Impacted products
| Name | Libwebp Libwebp <1.0.1 |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2018-25014",
"cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2018-25014"
}
},
"description": "Libwebp\u662f\u4e00\u4e2aWebP\u56fe\u50cf\u683c\u5f0f\u7684\u7f16\u7801\u548c\u89e3\u7801\u5e93\u3002\n\nLibwebp 1.0.1\u4e4b\u524d\u7684\u7248\u672c\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u8be5\u6f0f\u6d1e\u6e90\u4e8eReadSymbol\u51fd\u6570\u4e2d\u4f7f\u7528\u4e86\u4e00\u4e2a\u5355\u72ec\u7684\u53d8\u91cf\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u6f0f\u6d1e\u5a01\u80c1\u6570\u636e\u673a\u5bc6\u6027\u548c\u5b8c\u6574\u6027\u4ee5\u53ca\u7cfb\u7edf\u53ef\u7528\u6027\u3002",
"formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://bugzilla.redhat.com/show_bug.cgi?id=1956927",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2021-37660",
"openTime": "2021-05-28",
"patchDescription": "Libwebp\u662f\u4e00\u4e2aWebP\u56fe\u50cf\u683c\u5f0f\u7684\u7f16\u7801\u548c\u89e3\u7801\u5e93\u3002\r\n\r\nLibwebp 1.0.1\u4e4b\u524d\u7684\u7248\u672c\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u8be5\u6f0f\u6d1e\u6e90\u4e8eReadSymbol\u51fd\u6570\u4e2d\u4f7f\u7528\u4e86\u4e00\u4e2a\u5355\u72ec\u7684\u53d8\u91cf\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u6f0f\u6d1e\u5a01\u80c1\u6570\u636e\u673a\u5bc6\u6027\u548c\u5b8c\u6574\u6027\u4ee5\u53ca\u7cfb\u7edf\u53ef\u7528\u6027\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "Libwebp\u672a\u521d\u59cb\u5316\u53d8\u91cf\u4f7f\u7528\u6f0f\u6d1e\u7684\u8865\u4e01",
"products": {
"product": "Libwebp Libwebp \u003c1.0.1"
},
"referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2018-25014",
"serverity": "\u9ad8",
"submitTime": "2021-05-24",
"title": "Libwebp\u672a\u521d\u59cb\u5316\u53d8\u91cf\u4f7f\u7528\u6f0f\u6d1e"
}
FKIE_CVE-2018-25014
Vulnerability from fkie_nvd - Published: 2021-05-21 17:15 - Updated: 2024-11-21 04:03
Severity
Summary
A use of uninitialized value was found in libwebp in versions before 1.0.1 in ReadSymbol().
References
| URL | Tags | ||
|---|---|---|---|
| secalert@redhat.com | https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9496 | Third Party Advisory | |
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=1956927 | Issue Tracking, Patch, Third Party Advisory | |
| secalert@redhat.com | https://chromium.googlesource.com/webm/libwebp/+log/78ad57a36ad69a9c22874b182d49d64125c380f2..907208f97ead639bd52 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9496 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1956927 | Issue Tracking, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://chromium.googlesource.com/webm/libwebp/+log/78ad57a36ad69a9c22874b182d49d64125c380f2..907208f97ead639bd52 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| webmproject | libwebp | * | |
| redhat | enterprise_linux | 7.0 | |
| redhat | enterprise_linux | 8.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:webmproject:libwebp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "97062C06-0227-489B-8E3C-B62050B69C41",
"versionEndExcluding": "1.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A use of uninitialized value was found in libwebp in versions before 1.0.1 in ReadSymbol()."
},
{
"lang": "es",
"value": "Se encontr\u00f3 un uso de valor no inicializado en libwebp en versiones anteriores a la 1.0.1 en ReadSymbol()"
}
],
"id": "CVE-2018-25014",
"lastModified": "2024-11-21T04:03:21.413",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-05-21T17:15:08.203",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9496"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1956927"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://chromium.googlesource.com/webm/libwebp/+log/78ad57a36ad69a9c22874b182d49d64125c380f2..907208f97ead639bd52"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9496"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1956927"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://chromium.googlesource.com/webm/libwebp/+log/78ad57a36ad69a9c22874b182d49d64125c380f2..907208f97ead639bd52"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-908"
}
],
"source": "secalert@redhat.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-908"
}
],
"source": "nvd@nist.gov",
"type": "Secondary"
}
]
}
GHSA-RR28-4V9R-6WCQ
Vulnerability from github – Published: 2022-05-24 19:02 – Updated: 2022-08-06 00:00
VLAI
Details
A flaw was found in libwebp in versions before 1.0.1. An unitialized variable is used in function ReadSymbol. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Severity
9.8 (Critical)
{
"affected": [],
"aliases": [
"CVE-2018-25014"
],
"database_specific": {
"cwe_ids": [
"CWE-908"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-05-21T17:15:00Z",
"severity": "CRITICAL"
},
"details": "A flaw was found in libwebp in versions before 1.0.1. An unitialized variable is used in function ReadSymbol. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"id": "GHSA-rr28-4v9r-6wcq",
"modified": "2022-08-06T00:00:44Z",
"published": "2022-05-24T19:02:55Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-25014"
},
{
"type": "WEB",
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9496"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1956927"
},
{
"type": "WEB",
"url": "https://chromium.googlesource.com/webm/libwebp/+log/78ad57a36ad69a9c22874b182d49d64125c380f2..907208f97ead639bd52"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00005.html"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00006.html"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20211104-0004"
},
{
"type": "WEB",
"url": "https://support.apple.com/kb/HT212601"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2021/dsa-4930"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2021/Jul/54"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GSD-2018-25014
Vulnerability from gsd - Updated: 2023-12-13 01:22Details
A use of uninitialized value was found in libwebp in versions before 1.0.1 in ReadSymbol().
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2018-25014",
"description": "A flaw was found in libwebp in versions before 1.0.1. An unitialized variable is used in function ReadSymbol. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"id": "GSD-2018-25014",
"references": [
"https://www.suse.com/security/cve/CVE-2018-25014.html",
"https://www.debian.org/security/2021/dsa-4930",
"https://access.redhat.com/errata/RHSA-2021:4231",
"https://access.redhat.com/errata/RHSA-2021:2328",
"https://ubuntu.com/security/CVE-2018-25014",
"https://linux.oracle.com/cve/CVE-2018-25014.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2018-25014"
],
"details": "A use of uninitialized value was found in libwebp in versions before 1.0.1 in ReadSymbol().",
"id": "GSD-2018-25014",
"modified": "2023-12-13T01:22:36.706177Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2018-25014",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "libwebp",
"version": {
"version_data": [
{
"version_value": "libwebp 1.0.1"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A use of uninitialized value was found in libwebp in versions before 1.0.1 in ReadSymbol()."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-908"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1956927",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1956927"
},
{
"name": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9496",
"refsource": "MISC",
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9496"
},
{
"name": "https://chromium.googlesource.com/webm/libwebp/+log/78ad57a36ad69a9c22874b182d49d64125c380f2..907208f97ead639bd52",
"refsource": "MISC",
"url": "https://chromium.googlesource.com/webm/libwebp/+log/78ad57a36ad69a9c22874b182d49d64125c380f2..907208f97ead639bd52"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:webmproject:libwebp:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.0.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2018-25014"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "A use of uninitialized value was found in libwebp in versions before 1.0.1 in ReadSymbol()."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-908"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1956927",
"refsource": "MISC",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1956927"
},
{
"name": "https://chromium.googlesource.com/webm/libwebp/+log/78ad57a36ad69a9c22874b182d49d64125c380f2..907208f97ead639bd52",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://chromium.googlesource.com/webm/libwebp/+log/78ad57a36ad69a9c22874b182d49d64125c380f2..907208f97ead639bd52"
},
{
"name": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9496",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9496"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
},
"lastModifiedDate": "2023-02-09T02:24Z",
"publishedDate": "2021-05-21T17:15Z"
}
}
}
MSRC_CVE-2018-25014
Vulnerability from csaf_microsoft - Published: 2021-05-02 00:00 - Updated: 2021-05-25 00:00Summary
A use of uninitialized value was found in libwebp in versions before 1.0.1 in ReadSymbol().
Notes
Additional Resources: To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle
Disclaimer: The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.
References
4 references
| URL | Category |
|---|---|
| https://msrc.microsoft.com/csaf/vex/2021/msrc_cve… | self |
| https://support.microsoft.com/lifecycle | external |
| https://www.first.org/cvss | external |
| https://msrc.microsoft.com/csaf/vex/2021/msrc_cve… | self |
{
"document": {
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Public",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
"title": "Disclaimer"
}
],
"publisher": {
"category": "vendor",
"contact_details": "secure@microsoft.com",
"name": "Microsoft Security Response Center",
"namespace": "https://msrc.microsoft.com"
},
"references": [
{
"category": "self",
"summary": "CVE-2018-25014 A use of uninitialized value was found in libwebp in versions before 1.0.1 in ReadSymbol(). - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2021/msrc_cve-2018-25014.json"
},
{
"category": "external",
"summary": "Microsoft Support Lifecycle",
"url": "https://support.microsoft.com/lifecycle"
},
{
"category": "external",
"summary": "Common Vulnerability Scoring System",
"url": "https://www.first.org/cvss"
}
],
"title": "A use of uninitialized value was found in libwebp in versions before 1.0.1 in ReadSymbol().",
"tracking": {
"current_release_date": "2021-05-25T00:00:00.000Z",
"generator": {
"date": "2025-10-19T21:59:28.378Z",
"engine": {
"name": "MSRC Generator",
"version": "1.0"
}
},
"id": "msrc_CVE-2018-25014",
"initial_release_date": "2021-05-02T00:00:00.000Z",
"revision_history": [
{
"date": "2021-05-25T00:00:00.000Z",
"legacy_version": "1",
"number": "1",
"summary": "Information published."
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "1.0",
"product": {
"name": "CBL Mariner 1.0",
"product_id": "16820"
}
}
],
"category": "product_name",
"name": "Azure Linux"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003ccm1 libwebp 1.0.3-1",
"product": {
"name": "\u003ccm1 libwebp 1.0.3-1",
"product_id": "1"
}
},
{
"category": "product_version",
"name": "cm1 libwebp 1.0.3-1",
"product": {
"name": "cm1 libwebp 1.0.3-1",
"product_id": "16967"
}
}
],
"category": "product_name",
"name": "libwebp"
}
],
"category": "vendor",
"name": "Microsoft"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003ccm1 libwebp 1.0.3-1 as a component of CBL Mariner 1.0",
"product_id": "16820-1"
},
"product_reference": "1",
"relates_to_product_reference": "16820"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cm1 libwebp 1.0.3-1 as a component of CBL Mariner 1.0",
"product_id": "16967-16820"
},
"product_reference": "16967",
"relates_to_product_reference": "16820"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-25014",
"cwe": {
"id": "CWE-908",
"name": "Use of Uninitialized Resource"
},
"notes": [
{
"category": "general",
"text": "redhat",
"title": "Assigning CNA"
}
],
"product_status": {
"fixed": [
"16967-16820"
],
"known_affected": [
"16820-1"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2018-25014 A use of uninitialized value was found in libwebp in versions before 1.0.1 in ReadSymbol(). - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2021/msrc_cve-2018-25014.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"date": "2021-05-25T00:00:00.000Z",
"details": "1.0.3-1:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"16820-1"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"environmentalsScore": 0.0,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 9.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"16820-1"
]
}
],
"title": "A use of uninitialized value was found in libwebp in versions before 1.0.1 in ReadSymbol()."
}
]
}
RHSA-2021:2328
Vulnerability from csaf_redhat - Published: 2021-06-08 22:42 - Updated: 2025-11-21 18:23Summary
Red Hat Security Advisory: qt5-qtimageformats security update
Severity
Important
Notes
Topic: An update for qt5-qtimageformats is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: The Qt Image Formats in an add-on module for the core Qt Gui library that provides support for additional image formats including MNG, TGA, TIFF, WBMP, and WebP.
Security Fix(es):
* libwebp: heap-based buffer overflow in PutLE16() (CVE-2018-25011)
* libwebp: use of uninitialized value in ReadSymbol() (CVE-2018-25014)
* libwebp: heap-based buffer overflow in WebPDecode*Into functions (CVE-2020-36328)
* libwebp: use-after-free in EmitFancyRGB() in dec/io_dec.c (CVE-2020-36329)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in libwebp. A heap-based buffer overflow was found in PutLE16(). The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
9.8 (Critical)
Affected products
Fixed
64 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.9.Z:qt5-qtimageformats-doc-0:5.9.7-2.el7_9.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-7.9.Z:qt5-qtimageformats-doc-0:5.9.7-2.el7_9.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.9.Z:qt5-qtimageformats-doc-0:5.9.7-2.el7_9.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:qt5-qtimageformats-doc-0:5.9.7-2.el7_9.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Important
A flaw was found in libwebp. An unitialized variable is used in function ReadSymbol. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
9.8 (Critical)
Affected products
Fixed
64 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.9.Z:qt5-qtimageformats-doc-0:5.9.7-2.el7_9.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-7.9.Z:qt5-qtimageformats-doc-0:5.9.7-2.el7_9.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.9.Z:qt5-qtimageformats-doc-0:5.9.7-2.el7_9.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:qt5-qtimageformats-doc-0:5.9.7-2.el7_9.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in libwebp. A heap-based buffer overflow in functions WebPDecode*Into is possible due to an invalid check for buffer size. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
9.8 (Critical)
Affected products
Fixed
64 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.9.Z:qt5-qtimageformats-doc-0:5.9.7-2.el7_9.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-7.9.Z:qt5-qtimageformats-doc-0:5.9.7-2.el7_9.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.9.Z:qt5-qtimageformats-doc-0:5.9.7-2.el7_9.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:qt5-qtimageformats-doc-0:5.9.7-2.el7_9.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Important
A flaw was found in libwebp. A use-after-free was found due to a thread being killed too early. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
9.8 (Critical)
Affected products
Fixed
64 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-7.9.Z:qt5-qtimageformats-doc-0:5.9.7-2.el7_9.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-7.9.Z:qt5-qtimageformats-doc-0:5.9.7-2.el7_9.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-7.9.Z:qt5-qtimageformats-doc-0:5.9.7-2.el7_9.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Workstation-optional-7.9.Z:qt5-qtimageformats-doc-0:5.9.7-2.el7_9.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Important
References
23 references
| URL | Category |
|---|---|
| https://access.redhat.com/errata/RHSA-2021:2328 | self |
| https://access.redhat.com/security/updates/classi… | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=1956829 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=1956843 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=1956919 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=1956927 | external |
| https://security.access.redhat.com/data/csaf/v2/a… | self |
| https://access.redhat.com/security/cve/CVE-2018-25011 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=1956919 | external |
| https://www.cve.org/CVERecord?id=CVE-2018-25011 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2018-25011 | external |
| https://access.redhat.com/security/cve/CVE-2018-25014 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=1956927 | external |
| https://www.cve.org/CVERecord?id=CVE-2018-25014 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2018-25014 | external |
| https://access.redhat.com/security/cve/CVE-2020-36328 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=1956829 | external |
| https://www.cve.org/CVERecord?id=CVE-2020-36328 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2020-36328 | external |
| https://access.redhat.com/security/cve/CVE-2020-36329 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=1956843 | external |
| https://www.cve.org/CVERecord?id=CVE-2020-36329 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2020-36329 | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for qt5-qtimageformats is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The Qt Image Formats in an add-on module for the core Qt Gui library that provides support for additional image formats including MNG, TGA, TIFF, WBMP, and WebP.\n\nSecurity Fix(es):\n\n* libwebp: heap-based buffer overflow in PutLE16() (CVE-2018-25011)\n\n* libwebp: use of uninitialized value in ReadSymbol() (CVE-2018-25014)\n\n* libwebp: heap-based buffer overflow in WebPDecode*Into functions (CVE-2020-36328)\n\n* libwebp: use-after-free in EmitFancyRGB() in dec/io_dec.c (CVE-2020-36329)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2021:2328",
"url": "https://access.redhat.com/errata/RHSA-2021:2328"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1956829",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1956829"
},
{
"category": "external",
"summary": "1956843",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1956843"
},
{
"category": "external",
"summary": "1956919",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1956919"
},
{
"category": "external",
"summary": "1956927",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1956927"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_2328.json"
}
],
"title": "Red Hat Security Advisory: qt5-qtimageformats security update",
"tracking": {
"current_release_date": "2025-11-21T18:23:21+00:00",
"generator": {
"date": "2025-11-21T18:23:21+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2021:2328",
"initial_release_date": "2021-06-08T22:42:52+00:00",
"revision_history": [
{
"date": "2021-06-08T22:42:52+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2021-06-08T22:42:52+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:23:21+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Optional (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::workstation"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::workstation"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "qt5-qtimageformats-0:5.9.7-2.el7_9.src",
"product": {
"name": "qt5-qtimageformats-0:5.9.7-2.el7_9.src",
"product_id": "qt5-qtimageformats-0:5.9.7-2.el7_9.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qt5-qtimageformats@5.9.7-2.el7_9?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "qt5-qtimageformats-0:5.9.7-2.el7_9.ppc",
"product": {
"name": "qt5-qtimageformats-0:5.9.7-2.el7_9.ppc",
"product_id": "qt5-qtimageformats-0:5.9.7-2.el7_9.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qt5-qtimageformats@5.9.7-2.el7_9?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc",
"product": {
"name": "qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc",
"product_id": "qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qt5-qtimageformats-debuginfo@5.9.7-2.el7_9?arch=ppc"
}
}
}
],
"category": "architecture",
"name": "ppc"
},
{
"branches": [
{
"category": "product_version",
"name": "qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64",
"product": {
"name": "qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64",
"product_id": "qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qt5-qtimageformats@5.9.7-2.el7_9?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64",
"product": {
"name": "qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64",
"product_id": "qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qt5-qtimageformats-debuginfo@5.9.7-2.el7_9?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "qt5-qtimageformats-0:5.9.7-2.el7_9.s390",
"product": {
"name": "qt5-qtimageformats-0:5.9.7-2.el7_9.s390",
"product_id": "qt5-qtimageformats-0:5.9.7-2.el7_9.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qt5-qtimageformats@5.9.7-2.el7_9?arch=s390"
}
}
},
{
"category": "product_version",
"name": "qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390",
"product": {
"name": "qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390",
"product_id": "qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qt5-qtimageformats-debuginfo@5.9.7-2.el7_9?arch=s390"
}
}
}
],
"category": "architecture",
"name": "s390"
},
{
"branches": [
{
"category": "product_version",
"name": "qt5-qtimageformats-0:5.9.7-2.el7_9.s390x",
"product": {
"name": "qt5-qtimageformats-0:5.9.7-2.el7_9.s390x",
"product_id": "qt5-qtimageformats-0:5.9.7-2.el7_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qt5-qtimageformats@5.9.7-2.el7_9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390x",
"product": {
"name": "qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390x",
"product_id": "qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qt5-qtimageformats-debuginfo@5.9.7-2.el7_9?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64le",
"product": {
"name": "qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64le",
"product_id": "qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qt5-qtimageformats@5.9.7-2.el7_9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64le",
"product": {
"name": "qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64le",
"product_id": "qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qt5-qtimageformats-debuginfo@5.9.7-2.el7_9?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "qt5-qtimageformats-0:5.9.7-2.el7_9.i686",
"product": {
"name": "qt5-qtimageformats-0:5.9.7-2.el7_9.i686",
"product_id": "qt5-qtimageformats-0:5.9.7-2.el7_9.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qt5-qtimageformats@5.9.7-2.el7_9?arch=i686"
}
}
},
{
"category": "product_version",
"name": "qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.i686",
"product": {
"name": "qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.i686",
"product_id": "qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qt5-qtimageformats-debuginfo@5.9.7-2.el7_9?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "qt5-qtimageformats-0:5.9.7-2.el7_9.x86_64",
"product": {
"name": "qt5-qtimageformats-0:5.9.7-2.el7_9.x86_64",
"product_id": "qt5-qtimageformats-0:5.9.7-2.el7_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qt5-qtimageformats@5.9.7-2.el7_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.x86_64",
"product": {
"name": "qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.x86_64",
"product_id": "qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qt5-qtimageformats-debuginfo@5.9.7-2.el7_9?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "qt5-qtimageformats-doc-0:5.9.7-2.el7_9.noarch",
"product": {
"name": "qt5-qtimageformats-doc-0:5.9.7-2.el7_9.noarch",
"product_id": "qt5-qtimageformats-doc-0:5.9.7-2.el7_9.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qt5-qtimageformats-doc@5.9.7-2.el7_9?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "qt5-qtimageformats-0:5.9.7-2.el7_9.i686 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.i686"
},
"product_reference": "qt5-qtimageformats-0:5.9.7-2.el7_9.i686",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qt5-qtimageformats-0:5.9.7-2.el7_9.ppc as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc"
},
"product_reference": "qt5-qtimageformats-0:5.9.7-2.el7_9.ppc",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64"
},
"product_reference": "qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64le"
},
"product_reference": "qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64le",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qt5-qtimageformats-0:5.9.7-2.el7_9.s390 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390"
},
"product_reference": "qt5-qtimageformats-0:5.9.7-2.el7_9.s390",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qt5-qtimageformats-0:5.9.7-2.el7_9.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390x"
},
"product_reference": "qt5-qtimageformats-0:5.9.7-2.el7_9.s390x",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qt5-qtimageformats-0:5.9.7-2.el7_9.src as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.src"
},
"product_reference": "qt5-qtimageformats-0:5.9.7-2.el7_9.src",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qt5-qtimageformats-0:5.9.7-2.el7_9.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.x86_64"
},
"product_reference": "qt5-qtimageformats-0:5.9.7-2.el7_9.x86_64",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.i686 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.i686"
},
"product_reference": "qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.i686",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc"
},
"product_reference": "qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64"
},
"product_reference": "qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64le"
},
"product_reference": "qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64le",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390"
},
"product_reference": "qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390x"
},
"product_reference": "qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390x",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.x86_64"
},
"product_reference": "qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.x86_64",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qt5-qtimageformats-doc-0:5.9.7-2.el7_9.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9.Z:qt5-qtimageformats-doc-0:5.9.7-2.el7_9.noarch"
},
"product_reference": "qt5-qtimageformats-doc-0:5.9.7-2.el7_9.noarch",
"relates_to_product_reference": "7Server-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qt5-qtimageformats-0:5.9.7-2.el7_9.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.i686"
},
"product_reference": "qt5-qtimageformats-0:5.9.7-2.el7_9.i686",
"relates_to_product_reference": "7Server-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qt5-qtimageformats-0:5.9.7-2.el7_9.ppc as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc"
},
"product_reference": "qt5-qtimageformats-0:5.9.7-2.el7_9.ppc",
"relates_to_product_reference": "7Server-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64"
},
"product_reference": "qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64",
"relates_to_product_reference": "7Server-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64le"
},
"product_reference": "qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64le",
"relates_to_product_reference": "7Server-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qt5-qtimageformats-0:5.9.7-2.el7_9.s390 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390"
},
"product_reference": "qt5-qtimageformats-0:5.9.7-2.el7_9.s390",
"relates_to_product_reference": "7Server-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qt5-qtimageformats-0:5.9.7-2.el7_9.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390x"
},
"product_reference": "qt5-qtimageformats-0:5.9.7-2.el7_9.s390x",
"relates_to_product_reference": "7Server-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qt5-qtimageformats-0:5.9.7-2.el7_9.src as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.src"
},
"product_reference": "qt5-qtimageformats-0:5.9.7-2.el7_9.src",
"relates_to_product_reference": "7Server-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qt5-qtimageformats-0:5.9.7-2.el7_9.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.x86_64"
},
"product_reference": "qt5-qtimageformats-0:5.9.7-2.el7_9.x86_64",
"relates_to_product_reference": "7Server-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.i686"
},
"product_reference": "qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.i686",
"relates_to_product_reference": "7Server-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc"
},
"product_reference": "qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc",
"relates_to_product_reference": "7Server-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64"
},
"product_reference": "qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64",
"relates_to_product_reference": "7Server-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64le"
},
"product_reference": "qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64le",
"relates_to_product_reference": "7Server-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390"
},
"product_reference": "qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390",
"relates_to_product_reference": "7Server-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390x"
},
"product_reference": "qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390x",
"relates_to_product_reference": "7Server-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.x86_64"
},
"product_reference": "qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.x86_64",
"relates_to_product_reference": "7Server-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qt5-qtimageformats-doc-0:5.9.7-2.el7_9.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.9.Z:qt5-qtimageformats-doc-0:5.9.7-2.el7_9.noarch"
},
"product_reference": "qt5-qtimageformats-doc-0:5.9.7-2.el7_9.noarch",
"relates_to_product_reference": "7Server-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qt5-qtimageformats-0:5.9.7-2.el7_9.i686 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.i686"
},
"product_reference": "qt5-qtimageformats-0:5.9.7-2.el7_9.i686",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qt5-qtimageformats-0:5.9.7-2.el7_9.ppc as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc"
},
"product_reference": "qt5-qtimageformats-0:5.9.7-2.el7_9.ppc",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64"
},
"product_reference": "qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64le"
},
"product_reference": "qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64le",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qt5-qtimageformats-0:5.9.7-2.el7_9.s390 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390"
},
"product_reference": "qt5-qtimageformats-0:5.9.7-2.el7_9.s390",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qt5-qtimageformats-0:5.9.7-2.el7_9.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390x"
},
"product_reference": "qt5-qtimageformats-0:5.9.7-2.el7_9.s390x",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qt5-qtimageformats-0:5.9.7-2.el7_9.src as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.src"
},
"product_reference": "qt5-qtimageformats-0:5.9.7-2.el7_9.src",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qt5-qtimageformats-0:5.9.7-2.el7_9.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.x86_64"
},
"product_reference": "qt5-qtimageformats-0:5.9.7-2.el7_9.x86_64",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.i686 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.i686"
},
"product_reference": "qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.i686",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc"
},
"product_reference": "qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64"
},
"product_reference": "qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64le"
},
"product_reference": "qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64le",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390"
},
"product_reference": "qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390x"
},
"product_reference": "qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390x",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.x86_64"
},
"product_reference": "qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.x86_64",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qt5-qtimageformats-doc-0:5.9.7-2.el7_9.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9.Z:qt5-qtimageformats-doc-0:5.9.7-2.el7_9.noarch"
},
"product_reference": "qt5-qtimageformats-doc-0:5.9.7-2.el7_9.noarch",
"relates_to_product_reference": "7Workstation-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qt5-qtimageformats-0:5.9.7-2.el7_9.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.i686"
},
"product_reference": "qt5-qtimageformats-0:5.9.7-2.el7_9.i686",
"relates_to_product_reference": "7Workstation-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qt5-qtimageformats-0:5.9.7-2.el7_9.ppc as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc"
},
"product_reference": "qt5-qtimageformats-0:5.9.7-2.el7_9.ppc",
"relates_to_product_reference": "7Workstation-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64"
},
"product_reference": "qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64",
"relates_to_product_reference": "7Workstation-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64le"
},
"product_reference": "qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64le",
"relates_to_product_reference": "7Workstation-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qt5-qtimageformats-0:5.9.7-2.el7_9.s390 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390"
},
"product_reference": "qt5-qtimageformats-0:5.9.7-2.el7_9.s390",
"relates_to_product_reference": "7Workstation-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qt5-qtimageformats-0:5.9.7-2.el7_9.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390x"
},
"product_reference": "qt5-qtimageformats-0:5.9.7-2.el7_9.s390x",
"relates_to_product_reference": "7Workstation-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qt5-qtimageformats-0:5.9.7-2.el7_9.src as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.src"
},
"product_reference": "qt5-qtimageformats-0:5.9.7-2.el7_9.src",
"relates_to_product_reference": "7Workstation-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qt5-qtimageformats-0:5.9.7-2.el7_9.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.x86_64"
},
"product_reference": "qt5-qtimageformats-0:5.9.7-2.el7_9.x86_64",
"relates_to_product_reference": "7Workstation-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.i686"
},
"product_reference": "qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.i686",
"relates_to_product_reference": "7Workstation-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc"
},
"product_reference": "qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc",
"relates_to_product_reference": "7Workstation-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64"
},
"product_reference": "qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64",
"relates_to_product_reference": "7Workstation-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64le"
},
"product_reference": "qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64le",
"relates_to_product_reference": "7Workstation-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390"
},
"product_reference": "qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390",
"relates_to_product_reference": "7Workstation-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390x"
},
"product_reference": "qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390x",
"relates_to_product_reference": "7Workstation-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.x86_64"
},
"product_reference": "qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.x86_64",
"relates_to_product_reference": "7Workstation-optional-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qt5-qtimageformats-doc-0:5.9.7-2.el7_9.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.9.Z:qt5-qtimageformats-doc-0:5.9.7-2.el7_9.noarch"
},
"product_reference": "qt5-qtimageformats-doc-0:5.9.7-2.el7_9.noarch",
"relates_to_product_reference": "7Workstation-optional-7.9.Z"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-25011",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2021-03-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1956919"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in libwebp. A heap-based buffer overflow was found in PutLE16(). The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libwebp: heap-based buffer overflow in PutLE16()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue did not affect the versions of Firefox and Thunderbird as shipped with Red Hat Enterprise Linux 7, and 8 as they embed the fixed version of libwebp.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.i686",
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc",
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64",
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64le",
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390",
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390x",
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.src",
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.x86_64",
"7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.i686",
"7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc",
"7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64",
"7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64le",
"7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390",
"7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390x",
"7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.x86_64",
"7Server-7.9.Z:qt5-qtimageformats-doc-0:5.9.7-2.el7_9.noarch",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.i686",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64le",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390x",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.src",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.x86_64",
"7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.i686",
"7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc",
"7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64",
"7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64le",
"7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390",
"7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390x",
"7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.x86_64",
"7Server-optional-7.9.Z:qt5-qtimageformats-doc-0:5.9.7-2.el7_9.noarch",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.i686",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64le",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390x",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.src",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.x86_64",
"7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.i686",
"7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc",
"7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64",
"7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64le",
"7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390",
"7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390x",
"7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.x86_64",
"7Workstation-7.9.Z:qt5-qtimageformats-doc-0:5.9.7-2.el7_9.noarch",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.i686",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390x",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.src",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.x86_64",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.i686",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390x",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.x86_64",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-doc-0:5.9.7-2.el7_9.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-25011"
},
{
"category": "external",
"summary": "RHBZ#1956919",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1956919"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-25011",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-25011"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-25011",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-25011"
}
],
"release_date": "2018-07-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-06-08T22:42:52+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.i686",
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc",
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64",
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64le",
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390",
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390x",
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.src",
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.x86_64",
"7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.i686",
"7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc",
"7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64",
"7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64le",
"7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390",
"7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390x",
"7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.x86_64",
"7Server-7.9.Z:qt5-qtimageformats-doc-0:5.9.7-2.el7_9.noarch",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.i686",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64le",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390x",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.src",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.x86_64",
"7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.i686",
"7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc",
"7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64",
"7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64le",
"7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390",
"7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390x",
"7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.x86_64",
"7Server-optional-7.9.Z:qt5-qtimageformats-doc-0:5.9.7-2.el7_9.noarch",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.i686",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64le",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390x",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.src",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.x86_64",
"7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.i686",
"7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc",
"7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64",
"7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64le",
"7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390",
"7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390x",
"7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.x86_64",
"7Workstation-7.9.Z:qt5-qtimageformats-doc-0:5.9.7-2.el7_9.noarch",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.i686",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390x",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.src",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.x86_64",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.i686",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390x",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.x86_64",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-doc-0:5.9.7-2.el7_9.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:2328"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.i686",
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc",
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64",
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64le",
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390",
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390x",
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.src",
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.x86_64",
"7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.i686",
"7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc",
"7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64",
"7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64le",
"7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390",
"7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390x",
"7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.x86_64",
"7Server-7.9.Z:qt5-qtimageformats-doc-0:5.9.7-2.el7_9.noarch",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.i686",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64le",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390x",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.src",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.x86_64",
"7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.i686",
"7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc",
"7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64",
"7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64le",
"7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390",
"7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390x",
"7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.x86_64",
"7Server-optional-7.9.Z:qt5-qtimageformats-doc-0:5.9.7-2.el7_9.noarch",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.i686",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64le",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390x",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.src",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.x86_64",
"7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.i686",
"7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc",
"7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64",
"7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64le",
"7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390",
"7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390x",
"7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.x86_64",
"7Workstation-7.9.Z:qt5-qtimageformats-doc-0:5.9.7-2.el7_9.noarch",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.i686",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390x",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.src",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.x86_64",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.i686",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390x",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.x86_64",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-doc-0:5.9.7-2.el7_9.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libwebp: heap-based buffer overflow in PutLE16()"
},
{
"cve": "CVE-2018-25014",
"cwe": {
"id": "CWE-908",
"name": "Use of Uninitialized Resource"
},
"discovery_date": "2021-03-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1956927"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in libwebp. An unitialized variable is used in function ReadSymbol. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libwebp: use of uninitialized value in ReadSymbol()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue did not affect the versions of Firefox and Thunderbird as shipped with Red Hat Enterprise Linux 7 and 8 as they embed the fixed version of libwebp.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.i686",
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc",
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64",
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64le",
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390",
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390x",
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.src",
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.x86_64",
"7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.i686",
"7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc",
"7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64",
"7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64le",
"7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390",
"7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390x",
"7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.x86_64",
"7Server-7.9.Z:qt5-qtimageformats-doc-0:5.9.7-2.el7_9.noarch",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.i686",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64le",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390x",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.src",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.x86_64",
"7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.i686",
"7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc",
"7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64",
"7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64le",
"7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390",
"7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390x",
"7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.x86_64",
"7Server-optional-7.9.Z:qt5-qtimageformats-doc-0:5.9.7-2.el7_9.noarch",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.i686",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64le",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390x",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.src",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.x86_64",
"7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.i686",
"7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc",
"7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64",
"7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64le",
"7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390",
"7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390x",
"7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.x86_64",
"7Workstation-7.9.Z:qt5-qtimageformats-doc-0:5.9.7-2.el7_9.noarch",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.i686",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390x",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.src",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.x86_64",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.i686",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390x",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.x86_64",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-doc-0:5.9.7-2.el7_9.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-25014"
},
{
"category": "external",
"summary": "RHBZ#1956927",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1956927"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-25014",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-25014"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-25014",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-25014"
}
],
"release_date": "2018-08-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-06-08T22:42:52+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.i686",
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc",
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64",
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64le",
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390",
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390x",
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.src",
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.x86_64",
"7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.i686",
"7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc",
"7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64",
"7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64le",
"7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390",
"7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390x",
"7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.x86_64",
"7Server-7.9.Z:qt5-qtimageformats-doc-0:5.9.7-2.el7_9.noarch",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.i686",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64le",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390x",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.src",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.x86_64",
"7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.i686",
"7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc",
"7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64",
"7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64le",
"7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390",
"7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390x",
"7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.x86_64",
"7Server-optional-7.9.Z:qt5-qtimageformats-doc-0:5.9.7-2.el7_9.noarch",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.i686",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64le",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390x",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.src",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.x86_64",
"7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.i686",
"7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc",
"7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64",
"7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64le",
"7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390",
"7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390x",
"7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.x86_64",
"7Workstation-7.9.Z:qt5-qtimageformats-doc-0:5.9.7-2.el7_9.noarch",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.i686",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390x",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.src",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.x86_64",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.i686",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390x",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.x86_64",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-doc-0:5.9.7-2.el7_9.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:2328"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.i686",
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc",
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64",
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64le",
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390",
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390x",
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.src",
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.x86_64",
"7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.i686",
"7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc",
"7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64",
"7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64le",
"7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390",
"7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390x",
"7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.x86_64",
"7Server-7.9.Z:qt5-qtimageformats-doc-0:5.9.7-2.el7_9.noarch",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.i686",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64le",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390x",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.src",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.x86_64",
"7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.i686",
"7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc",
"7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64",
"7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64le",
"7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390",
"7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390x",
"7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.x86_64",
"7Server-optional-7.9.Z:qt5-qtimageformats-doc-0:5.9.7-2.el7_9.noarch",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.i686",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64le",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390x",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.src",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.x86_64",
"7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.i686",
"7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc",
"7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64",
"7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64le",
"7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390",
"7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390x",
"7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.x86_64",
"7Workstation-7.9.Z:qt5-qtimageformats-doc-0:5.9.7-2.el7_9.noarch",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.i686",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390x",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.src",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.x86_64",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.i686",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390x",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.x86_64",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-doc-0:5.9.7-2.el7_9.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libwebp: use of uninitialized value in ReadSymbol()"
},
{
"cve": "CVE-2020-36328",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2021-03-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1956829"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in libwebp. A heap-based buffer overflow in functions WebPDecode*Into is possible due to an invalid check for buffer size. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libwebp: heap-based buffer overflow in WebPDecode*Into functions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue did not affect the versions of Firefox and Thunderbird as shipped with Red Hat Enterprise Linux 7, and 8 as they embed the fixed version of libwebp.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.i686",
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc",
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64",
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64le",
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390",
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390x",
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.src",
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.x86_64",
"7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.i686",
"7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc",
"7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64",
"7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64le",
"7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390",
"7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390x",
"7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.x86_64",
"7Server-7.9.Z:qt5-qtimageformats-doc-0:5.9.7-2.el7_9.noarch",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.i686",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64le",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390x",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.src",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.x86_64",
"7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.i686",
"7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc",
"7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64",
"7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64le",
"7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390",
"7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390x",
"7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.x86_64",
"7Server-optional-7.9.Z:qt5-qtimageformats-doc-0:5.9.7-2.el7_9.noarch",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.i686",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64le",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390x",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.src",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.x86_64",
"7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.i686",
"7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc",
"7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64",
"7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64le",
"7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390",
"7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390x",
"7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.x86_64",
"7Workstation-7.9.Z:qt5-qtimageformats-doc-0:5.9.7-2.el7_9.noarch",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.i686",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390x",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.src",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.x86_64",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.i686",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390x",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.x86_64",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-doc-0:5.9.7-2.el7_9.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-36328"
},
{
"category": "external",
"summary": "RHBZ#1956829",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1956829"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-36328",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36328"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-36328",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-36328"
}
],
"release_date": "2020-02-25T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-06-08T22:42:52+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.i686",
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc",
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64",
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64le",
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390",
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390x",
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.src",
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.x86_64",
"7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.i686",
"7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc",
"7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64",
"7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64le",
"7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390",
"7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390x",
"7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.x86_64",
"7Server-7.9.Z:qt5-qtimageformats-doc-0:5.9.7-2.el7_9.noarch",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.i686",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64le",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390x",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.src",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.x86_64",
"7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.i686",
"7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc",
"7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64",
"7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64le",
"7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390",
"7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390x",
"7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.x86_64",
"7Server-optional-7.9.Z:qt5-qtimageformats-doc-0:5.9.7-2.el7_9.noarch",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.i686",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64le",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390x",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.src",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.x86_64",
"7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.i686",
"7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc",
"7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64",
"7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64le",
"7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390",
"7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390x",
"7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.x86_64",
"7Workstation-7.9.Z:qt5-qtimageformats-doc-0:5.9.7-2.el7_9.noarch",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.i686",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390x",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.src",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.x86_64",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.i686",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390x",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.x86_64",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-doc-0:5.9.7-2.el7_9.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:2328"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.i686",
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc",
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64",
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64le",
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390",
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390x",
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.src",
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.x86_64",
"7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.i686",
"7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc",
"7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64",
"7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64le",
"7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390",
"7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390x",
"7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.x86_64",
"7Server-7.9.Z:qt5-qtimageformats-doc-0:5.9.7-2.el7_9.noarch",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.i686",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64le",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390x",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.src",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.x86_64",
"7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.i686",
"7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc",
"7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64",
"7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64le",
"7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390",
"7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390x",
"7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.x86_64",
"7Server-optional-7.9.Z:qt5-qtimageformats-doc-0:5.9.7-2.el7_9.noarch",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.i686",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64le",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390x",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.src",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.x86_64",
"7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.i686",
"7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc",
"7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64",
"7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64le",
"7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390",
"7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390x",
"7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.x86_64",
"7Workstation-7.9.Z:qt5-qtimageformats-doc-0:5.9.7-2.el7_9.noarch",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.i686",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390x",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.src",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.x86_64",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.i686",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390x",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.x86_64",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-doc-0:5.9.7-2.el7_9.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libwebp: heap-based buffer overflow in WebPDecode*Into functions"
},
{
"cve": "CVE-2020-36329",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2021-03-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1956843"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in libwebp. A use-after-free was found due to a thread being killed too early. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libwebp: use-after-free in EmitFancyRGB() in dec/io_dec.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue did not affect the versions of Firefox and Thunderbird as shipped with Red Hat Enterprise Linux 7, and 8 as they embed the fixed version of libwebp.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.i686",
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc",
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64",
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64le",
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390",
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390x",
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.src",
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.x86_64",
"7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.i686",
"7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc",
"7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64",
"7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64le",
"7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390",
"7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390x",
"7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.x86_64",
"7Server-7.9.Z:qt5-qtimageformats-doc-0:5.9.7-2.el7_9.noarch",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.i686",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64le",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390x",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.src",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.x86_64",
"7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.i686",
"7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc",
"7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64",
"7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64le",
"7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390",
"7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390x",
"7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.x86_64",
"7Server-optional-7.9.Z:qt5-qtimageformats-doc-0:5.9.7-2.el7_9.noarch",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.i686",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64le",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390x",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.src",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.x86_64",
"7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.i686",
"7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc",
"7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64",
"7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64le",
"7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390",
"7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390x",
"7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.x86_64",
"7Workstation-7.9.Z:qt5-qtimageformats-doc-0:5.9.7-2.el7_9.noarch",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.i686",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390x",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.src",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.x86_64",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.i686",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390x",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.x86_64",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-doc-0:5.9.7-2.el7_9.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-36329"
},
{
"category": "external",
"summary": "RHBZ#1956843",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1956843"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-36329",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36329"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-36329",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-36329"
}
],
"release_date": "2020-02-25T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-06-08T22:42:52+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.i686",
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc",
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64",
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64le",
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390",
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390x",
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.src",
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.x86_64",
"7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.i686",
"7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc",
"7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64",
"7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64le",
"7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390",
"7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390x",
"7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.x86_64",
"7Server-7.9.Z:qt5-qtimageformats-doc-0:5.9.7-2.el7_9.noarch",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.i686",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64le",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390x",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.src",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.x86_64",
"7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.i686",
"7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc",
"7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64",
"7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64le",
"7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390",
"7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390x",
"7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.x86_64",
"7Server-optional-7.9.Z:qt5-qtimageformats-doc-0:5.9.7-2.el7_9.noarch",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.i686",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64le",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390x",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.src",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.x86_64",
"7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.i686",
"7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc",
"7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64",
"7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64le",
"7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390",
"7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390x",
"7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.x86_64",
"7Workstation-7.9.Z:qt5-qtimageformats-doc-0:5.9.7-2.el7_9.noarch",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.i686",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390x",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.src",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.x86_64",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.i686",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390x",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.x86_64",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-doc-0:5.9.7-2.el7_9.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:2328"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.i686",
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc",
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64",
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64le",
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390",
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390x",
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.src",
"7Server-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.x86_64",
"7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.i686",
"7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc",
"7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64",
"7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64le",
"7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390",
"7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390x",
"7Server-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.x86_64",
"7Server-7.9.Z:qt5-qtimageformats-doc-0:5.9.7-2.el7_9.noarch",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.i686",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64le",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390x",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.src",
"7Server-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.x86_64",
"7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.i686",
"7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc",
"7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64",
"7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64le",
"7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390",
"7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390x",
"7Server-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.x86_64",
"7Server-optional-7.9.Z:qt5-qtimageformats-doc-0:5.9.7-2.el7_9.noarch",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.i686",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64le",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390x",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.src",
"7Workstation-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.x86_64",
"7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.i686",
"7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc",
"7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64",
"7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64le",
"7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390",
"7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390x",
"7Workstation-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.x86_64",
"7Workstation-7.9.Z:qt5-qtimageformats-doc-0:5.9.7-2.el7_9.noarch",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.i686",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.s390x",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.src",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-0:5.9.7-2.el7_9.x86_64",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.i686",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.ppc64le",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.s390x",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-debuginfo-0:5.9.7-2.el7_9.x86_64",
"7Workstation-optional-7.9.Z:qt5-qtimageformats-doc-0:5.9.7-2.el7_9.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libwebp: use-after-free in EmitFancyRGB() in dec/io_dec.c"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…