CVE-2018-25010

Опубликовано: 21 мая 2021

Источник: debian

EPSS Низкий

Описание

A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in ApplyFilter().

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
libwebp	fixed	0.6.1-2.1		package

Примечания

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9105
https://chromium.googlesource.com/webm/libwebp/+/1344a2e947c749d231141a295327e5b99b444d63%5E%21/#F0

EPSS

Процентиль: 52%

0.00288

Низкий

Связанные уязвимости

CVE-2018-25010

CVSS3: 9.1

ubuntu

около 4 лет назад

A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in ApplyFilter().

CVE-2018-25010

CVSS3: 9.1

redhat

около 7 лет назад

A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in ApplyFilter().

CVE-2018-25010

CVSS3: 9.1

nvd

около 4 лет назад

A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in ApplyFilter().

CVE-2018-25010

CVSS3: 9.1

msrc

около 4 лет назад

Описание отсутствует

GHSA-g4fc-9486-f3m2

CVSS3: 9.1

github

около 3 лет назад

A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds read was found in function ApplyFilter. The highest threat from this vulnerability is to data confidentiality and to the service availability.

EPSS

Процентиль: 52%

0.00288

Низкий