[Forgot Password]
Login  Register Subscribe

30480

 
 

423868

 
 

252271

 
 

909

 
 

196835

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
OVAL

ALAS2-2021-1676 --- libwebp

ID: oval:org.secpod.oval:def:1700666Date: (C)2021-07-07   (M)2023-06-16
Class: PATCHFamily: unix




A flaw was found in libwebp. A heap-based buffer overflow was found in PutLE16. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. A flaw was found in libwebp in versions before 1.0.1. A heap-based buffer overflow in function WebPDecodeRGBInto is possible due to an invalid check for buffer size. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. A flaw was found in libwebp. A use-after-free was found due to a thread being killed too early. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability

Platform:
Amazon Linux 2
Product:
libwebp
Reference:
ALAS2-2021-1676
CVE-2018-25011
CVE-2020-36328
CVE-2020-36329
CVE    3
CVE-2020-36329
CVE-2020-36328
CVE-2018-25011

© SecPod Technologies