CVE-2018-25010

Опубликовано: 21 мая 2021

Источник: ubuntu

Приоритет: medium

CVSS2: 6.4

CVSS3: 9.1

Описание

A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in ApplyFilter().

Релиз	Статус	Примечание
bionic	released	0.6.1-2ubuntu0.18.04.1
devel	released	0.6.1-2ubuntu1
esm-infra-legacy/trusty	released	0.4.0-4ubuntu0.1~esm1
esm-infra/bionic	released	0.6.1-2ubuntu0.18.04.1
esm-infra/focal	released	0.6.1-2ubuntu0.20.04.1
esm-infra/xenial	released	0.4.4-1ubuntu0.1~esm1
focal	released	0.6.1-2ubuntu0.20.04.1
groovy	released	0.6.1-2ubuntu0.20.10.1
hirsute	released	0.6.1-2ubuntu0.21.04.1
impish	released	0.6.1-2ubuntu1

Показывать по

Ссылки на источники

6.4 Medium

CVSS2

9.1 Critical

CVSS3

Связанные уязвимости

CVE-2018-25010

CVSS3: 9.1

redhat

больше 7 лет назад

A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in ApplyFilter().

CVE-2018-25010

CVSS3: 9.1

nvd

больше 4 лет назад

A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in ApplyFilter().

CVE-2018-25010

CVSS3: 9.1

msrc

больше 4 лет назад

A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in ApplyFilter().

CVE-2018-25010

CVSS3: 9.1

debian

больше 4 лет назад

A heap-based buffer overflow was found in libwebp in versions before 1 ...

GHSA-g4fc-9486-f3m2

CVSS3: 9.1

github

больше 3 лет назад

A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds read was found in function ApplyFilter. The highest threat from this vulnerability is to data confidentiality and to the service availability.

6.4 Medium

CVSS2

9.1 Critical

CVSS3

CVE-2018-25010

Описание

Пакет libwebp

Ссылки на источники

Связанные уязвимости