Known Vulnerabilities for Libwebp by Webmproject
Listed below are 10 of the newest known vulnerabilities associated with "Libwebp" by "Webmproject".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-5129 json | ** REJECT ** This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Duplicate of CVE-2023-4863. | Not Provided | 2023-09-25 | 2023-11-07 |
| CVE-2023-4863 json | Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perfo... | 8.8 - HIGH | 2023-09-12 | 2024-01-07 |
| CVE-2023-1999 json | There exists a use after free/double free in libwebp. An attacker can use the ApplyFiltersAndEncode() function and loop thro... | 7.5 - HIGH | 2023-06-20 | 2023-09-17 |
| CVE-2020-36332 json | A flaw was found in libwebp in versions before 1.0.1. When reading a file libwebp allocates an excessive amount of memory. Th... | 7.5 - HIGH | 2021-05-21 | 2023-11-07 |
| CVE-2020-36331 json | A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds read was found in function ChunkAssignData. The highes... | 9.1 - CRITICAL | 2021-05-21 | 2023-01-09 |
| CVE-2020-36330 json | A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds read was found in function ChunkVerifyAndAssign. The h... | 9.1 - CRITICAL | 2021-05-21 | 2021-11-30 |
| CVE-2020-36329 json | A flaw was found in libwebp in versions before 1.0.1. A use-after-free was found due to a thread being killed too early. The ... | 9.8 - CRITICAL | 2021-05-21 | 2023-01-09 |
| CVE-2020-36328 json | A flaw was found in libwebp in versions before 1.0.1. A heap-based buffer overflow in function WebPDecodeRGBInto is possible ... | 9.8 - CRITICAL | 2021-05-21 | 2023-01-09 |
| CVE-2018-25014 json | A use of uninitialized value was found in libwebp in versions before 1.0.1 in ReadSymbol(). | 9.8 - CRITICAL | 2021-05-21 | 2023-02-09 |
| CVE-2018-25013 json | A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in ShiftBytes(). | 9.1 - CRITICAL | 2021-05-21 | 2023-02-09 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Webmproject | Libwebp | 1.0.3 | |||
| Application | Webmproject | Libwebp | 1.0.2 | |||
| Application | Webmproject | Libwebp | 1.0.1 | |||
| Application | Webmproject | Libwebp | 1.0.0 | |||
| Application | Webmproject | Libwebp | 0.6.1 | |||
| Application | Webmproject | Libwebp | 0.6.0 | |||
| Application | Webmproject | Libwebp | 0.5.2 | |||
| Application | Webmproject | Libwebp | 0.5.1 | |||
| Application | Webmproject | Libwebp | 0.5.0 | |||
| Application | Webmproject | Libwebp | 0.4.4 | |||
| Application | Webmproject | Libwebp | 0.4.3 | |||
| Application | Webmproject | Libwebp | 0.4.2 | |||
| Application | Webmproject | Libwebp | 0.4.1 | |||
| Application | Webmproject | Libwebp | 0.4.0 | |||
| Application | Webmproject | Libwebp | 0.3.1 | |||
| Application | Webmproject | Libwebp | 0.3.0 | |||
| Application | Webmproject | Libwebp | 0.2.1 | |||
| Application | Webmproject | Libwebp | 0.2.0 | |||
| Application | Webmproject | Libwebp | 0.1.99 | |||
| Application | Webmproject | Libwebp | 0.1.3 |