Download
| Alert*
CVE-2020-36332
A flaw was found in libwebp in versions before 1.0.1. When reading a file libwebp allocates an excessive amount of memory. The highest threat from this vulnerability is to the service availability. CVE-2020-36331 A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds read was found in function ChunkAssignData. The highest threat from this vulnerability is to data confidentiality and to the service availability. CVE-2020-36329 A flaw was found in libwebp in versions before 1.0.1. A use-after-free was found due to a thread being killed too early. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. CVE-2020-36330 A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds read was found in function ChunkVerifyAndAssign. The highest threat from this vulnerability is to data confidentiality and to the service availability. CVE-2018-25009 A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in GetLE16(). CVE-2018-25010 A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in ApplyFilter(). CVE-2018-25013 A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in ShiftBytes(). CVE-2018-25012 A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in GetLE24(). CVE-2018-25011 A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in PutLE16(). |