Known Vulnerabilities for products from Webmproject
Listed below are 19 of the newest known vulnerabilities associated with the vendor "Webmproject".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2020-36332 | A flaw was found in libwebp in versions before 1.0.1. When reading a file libwebp allocates an excessive amount of memory. Th... | 7.5 - HIGH | 2021-05-21 | 2023-11-07 |
| CVE-2020-36331 | A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds read was found in function ChunkAssignData. The highes... | 9.1 - CRITICAL | 2021-05-21 | 2023-01-09 |
| CVE-2020-36330 | A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds read was found in function ChunkVerifyAndAssign. The h... | 9.1 - CRITICAL | 2021-05-21 | 2021-11-30 |
| CVE-2020-36329 | A flaw was found in libwebp in versions before 1.0.1. A use-after-free was found due to a thread being killed too early. The ... | 9.8 - CRITICAL | 2021-05-21 | 2023-01-09 |
| CVE-2020-36328 | A flaw was found in libwebp in versions before 1.0.1. A heap-based buffer overflow in function WebPDecodeRGBInto is possible ... | 9.8 - CRITICAL | 2021-05-21 | 2023-01-09 |
| CVE-2019-9746 | In libwebm before 2019-03-08, a NULL pointer dereference caused by the functions OutputCluster and OutputTracks in webm_info.... | 7.5 - HIGH | 2019-03-13 | 2019-03-14 |
| CVE-2018-25014 | A flaw was found in libwebp in versions before 1.0.1. An unitialized variable is used in function ReadSymbol. The highest thr... | 9.8 - CRITICAL | 2021-05-21 | 2023-02-09 |
| CVE-2018-25013 | A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds read was found in function ShiftBytes. The highest thr... | 9.1 - CRITICAL | 2021-05-21 | 2023-02-09 |
| CVE-2018-25012 | A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds read was found in function WebPMuxCreateInternal. The ... | 9.1 - CRITICAL | 2021-05-21 | 2023-02-28 |
| CVE-2018-25011 | A flaw was found in libwebp in versions before 1.0.1. A heap-based buffer overflow was found in PutLE16(). The highest threat... | 9.8 - CRITICAL | 2021-05-21 | 2023-02-10 |
| CVE-2018-25010 | A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds read was found in function ApplyFilter. The highest th... | 9.1 - CRITICAL | 2021-05-21 | 2023-02-10 |
| CVE-2018-25009 | A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds read was found in function WebPMuxCreateInternal. The ... | 9.1 - CRITICAL | 2021-05-21 | 2023-02-17 |
| CVE-2018-19212 | In libwebm through 2018-10-03, there is an abort caused by libwebm::Webm2Pes::InitWebmParser() that will lead to a DoS attack... | 6.5 - MEDIUM | 2018-11-12 | 2020-08-24 |
| CVE-2018-6548 | A use-after-free issue was discovered in libwebm through 2018-02-02. If a Vp9HeaderParser was initialized once before, its pr... | 9.8 - CRITICAL | 2018-02-02 | 2018-02-21 |
| CVE-2018-6406 | The function ParseVP9SuperFrameIndex in common/libwebm_util.cc in libwebm through 2018-01-30 does not validate the child_fram... | 8.8 - HIGH | 2018-01-30 | 2019-10-03 |
| CVE-2016-9969 | In libwebp 0.5.1, there is a double free bug in libwebpmux. | 7.5 - HIGH | 2019-05-23 | 2019-05-28 |
| CVE-2016-9085 | Multiple integer overflows in libwebp allows attackers to have unspecified impact via unknown vectors. | 3.3 - LOW | 2017-02-03 | 2023-11-07 |
| CVE-2012-0823 | VP8 Codec SDK (libvpx) before 1.0.0 "Duclair" allows remote attackers to cause a denial of service (application crash) via (1... | 5 - MEDIUM | 2012-02-23 | 2020-07-29 |
| CVE-2010-4203 | WebM libvpx (aka the VP8 Codec SDK) before 0.9.5, as used in Google Chrome before 7.0.517.44, allows remote attackers to caus... | 9.8 - CRITICAL | 2010-11-06 | 2023-11-07 |