CVE-2018-25014

Опубликовано: 21 мая 2021

Источник: debian

Описание

A use of uninitialized value was found in libwebp in versions before 1.0.1 in ReadSymbol().

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
libwebp	fixed	0.6.1-2.1		package

Примечания

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9496

Связанные уязвимости

CVE-2018-25014

CVSS3: 9.8

ubuntu

около 4 лет назад

A use of uninitialized value was found in libwebp in versions before 1.0.1 in ReadSymbol().

CVE-2018-25014

CVSS3: 9.8

redhat

почти 7 лет назад

A use of uninitialized value was found in libwebp in versions before 1.0.1 in ReadSymbol().

CVE-2018-25014

CVSS3: 9.8

nvd

около 4 лет назад

A use of uninitialized value was found in libwebp in versions before 1.0.1 in ReadSymbol().

CVE-2018-25014

CVSS3: 9.8

msrc

около 4 лет назад

Описание отсутствует

GHSA-rr28-4v9r-6wcq

CVSS3: 9.8

github

около 3 лет назад

A flaw was found in libwebp in versions before 1.0.1. An unitialized variable is used in function ReadSymbol. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.