Описание
A use of uninitialized value was found in libwebp in versions before 1.0.1 in ReadSymbol().
Ссылки
- Third Party Advisory
- Issue TrackingPatchThird Party Advisory
- Third Party Advisory
- Third Party Advisory
- Issue TrackingPatchThird Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.0.1 (исключая)
cpe:2.3:a:webmproject:libwebp:*:*:*:*:*:*:*:*
Конфигурация 2
Одно из
cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
EPSS
Процентиль: 42%
0.00199
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-908
CWE-908
Связанные уязвимости
CVSS3: 9.8
ubuntu
около 4 лет назад
A use of uninitialized value was found in libwebp in versions before 1.0.1 in ReadSymbol().
CVSS3: 9.8
redhat
почти 7 лет назад
A use of uninitialized value was found in libwebp in versions before 1.0.1 in ReadSymbol().
CVSS3: 9.8
debian
около 4 лет назад
A use of uninitialized value was found in libwebp in versions before 1 ...
CVSS3: 9.8
github
около 3 лет назад
A flaw was found in libwebp in versions before 1.0.1. An unitialized variable is used in function ReadSymbol. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
EPSS
Процентиль: 42%
0.00199
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-908
CWE-908