GHSA-vqgc-g267-8p6w

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

A flaw was found in libwebp in versions before 1.0.1. A heap-based buffer overflow was found in PutLE16(). The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Ссылки

EPSS

Процентиль: 58%

0.00376

Низкий

9.8 Critical

CVSS3

CVE ID

CVE-2018-25011

Дефекты

CWE-119

CWE-787

Связанные уязвимости

CVE-2018-25011

CVSS3: 9.8

ubuntu

около 4 лет назад

A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in PutLE16().

CVE-2018-25011

CVSS3: 9.8

redhat

почти 7 лет назад

A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in PutLE16().

CVE-2018-25011

CVSS3: 9.8

nvd

около 4 лет назад

A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in PutLE16().

CVE-2018-25011

CVSS3: 9.8

msrc

около 4 лет назад

Описание отсутствует

CVE-2018-25011

CVSS3: 9.8

debian

около 4 лет назад

A heap-based buffer overflow was found in libwebp in versions before 1 ...

EPSS

Процентиль: 58%

0.00376

Низкий

9.8 Critical

CVSS3

CVE ID

CVE-2018-25011

Дефекты

CWE-119

CWE-787