Описание
A use of uninitialized value was found in libwebp in versions before 1.0.1 in ReadSymbol().
Ссылки
- Third Party Advisory
- Issue TrackingPatchThird Party Advisory
- Third Party Advisory
- Third Party Advisory
- Issue TrackingPatchThird Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.0.1 (исключая)
cpe:2.3:a:webmproject:libwebp:*:*:*:*:*:*:*:*
Конфигурация 2
Одно из
cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
EPSS
Процентиль: 68%
0.00578
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-908
CWE-908
Связанные уязвимости
CVSS3: 9.8
ubuntu
больше 4 лет назад
A use of uninitialized value was found in libwebp in versions before 1.0.1 in ReadSymbol().
CVSS3: 9.8
redhat
больше 7 лет назад
A use of uninitialized value was found in libwebp in versions before 1.0.1 in ReadSymbol().
CVSS3: 9.8
msrc
больше 4 лет назад
A use of uninitialized value was found in libwebp in versions before 1.0.1 in ReadSymbol().
CVSS3: 9.8
debian
больше 4 лет назад
A use of uninitialized value was found in libwebp in versions before 1 ...
CVSS3: 9.8
github
больше 3 лет назад
A flaw was found in libwebp in versions before 1.0.1. An unitialized variable is used in function ReadSymbol. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
EPSS
Процентиль: 68%
0.00578
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-908
CWE-908