Количество 16
Количество 16
CVE-2023-1999
There exists a use after free/double free in libwebp. An attacker can use the ApplyFiltersAndEncode() function and loop through to free best.bw and assign best = trial pointer. The second loop will then return 0 because of an Out of memory error in VP8 encoder, the pointer is still assigned to trial and the AddressSanitizer will attempt a double free.
CVE-2023-1999
There exists a use after free/double free in libwebp. An attacker can use the ApplyFiltersAndEncode() function and loop through to free best.bw and assign best = trial pointer. The second loop will then return 0 because of an Out of memory error in VP8 encoder, the pointer is still assigned to trial and the AddressSanitizer will attempt a double free.
CVE-2023-1999
There exists a use after free/double free in libwebp. An attacker can use the ApplyFiltersAndEncode() function and loop through to free best.bw and assign best = trial pointer. The second loop will then return 0 because of an Out of memory error in VP8 encoder, the pointer is still assigned to trial and the AddressSanitizer will attempt a double free.
CVE-2023-1999
Chromium: CVE-2023-1999 Use after free in libwebp
CVE-2023-1999
There exists a use after free/double free in libwebp. An attacker can ...
SUSE-SU-2023:2552-1
Security update for libwebp
SUSE-SU-2023:2490-1
Security update for libwebp
SUSE-SU-2023:2467-1
Security update for libwebp
RLSA-2023:2078
Important: libwebp security update
RLSA-2023:2076
Important: libwebp security update
GHSA-8x9p-cw2c-6253
There exists a use after free/double free in libwebp. An attacker can use the ApplyFiltersAndEncode() function and loop through to free best.bw and assign best = trial pointer. The second loop will then return 0 because of an Out of memory error in VP8 encoder, the pointer is still assigned to trial and the AddressSanitizer will attempt a double free.
ELSA-2023-2078
ELSA-2023-2078: libwebp security update (IMPORTANT)
ELSA-2023-2077
ELSA-2023-2077: libwebp security update (IMPORTANT)
ELSA-2023-2076
ELSA-2023-2076: libwebp security update (IMPORTANT)
BDU:2023-02923
Уязвимость функции EncodeAlphaInternal() библиотеки libwebp для кодирования и декодирования изображений в формате WebP браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю вызвать отказ в обслуживании
SUSE-SU-2023:2064-1
Security update for MozillaThunderbird
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2023-1999 There exists a use after free/double free in libwebp. An attacker can use the ApplyFiltersAndEncode() function and loop through to free best.bw and assign best = trial pointer. The second loop will then return 0 because of an Out of memory error in VP8 encoder, the pointer is still assigned to trial and the AddressSanitizer will attempt a double free. | CVSS3: 5.3 | 0% Низкий | около 2 лет назад |
 | CVE-2023-1999 There exists a use after free/double free in libwebp. An attacker can use the ApplyFiltersAndEncode() function and loop through to free best.bw and assign best = trial pointer. The second loop will then return 0 because of an Out of memory error in VP8 encoder, the pointer is still assigned to trial and the AddressSanitizer will attempt a double free. | CVSS3: 7.5 | 0% Низкий | больше 2 лет назад |
 | CVE-2023-1999 There exists a use after free/double free in libwebp. An attacker can use the ApplyFiltersAndEncode() function and loop through to free best.bw and assign best = trial pointer. The second loop will then return 0 because of an Out of memory error in VP8 encoder, the pointer is still assigned to trial and the AddressSanitizer will attempt a double free. | CVSS3: 5.3 | 0% Низкий | около 2 лет назад |
 | CVE-2023-1999 Chromium: CVE-2023-1999 Use after free in libwebp | 0% Низкий | почти 2 года назад | |
| CVE-2023-1999 There exists a use after free/double free in libwebp. An attacker can ... | CVSS3: 5.3 | 0% Низкий | около 2 лет назад |
 | SUSE-SU-2023:2552-1 Security update for libwebp | 0% Низкий | около 2 лет назад | |
| SUSE-SU-2023:2490-1 Security update for libwebp | 0% Низкий | около 2 лет назад | |
| SUSE-SU-2023:2467-1 Security update for libwebp | 0% Низкий | около 2 лет назад | |
 | RLSA-2023:2078 Important: libwebp security update | 0% Низкий | больше 2 лет назад | |
| RLSA-2023:2076 Important: libwebp security update | 0% Низкий | около 2 лет назад | |
| GHSA-8x9p-cw2c-6253 There exists a use after free/double free in libwebp. An attacker can use the ApplyFiltersAndEncode() function and loop through to free best.bw and assign best = trial pointer. The second loop will then return 0 because of an Out of memory error in VP8 encoder, the pointer is still assigned to trial and the AddressSanitizer will attempt a double free. | CVSS3: 5.3 | 0% Низкий | около 2 лет назад |
| ELSA-2023-2078 ELSA-2023-2078: libwebp security update (IMPORTANT) | больше 2 лет назад | ||
| ELSA-2023-2077 ELSA-2023-2077: libwebp security update (IMPORTANT) | больше 2 лет назад | ||
| ELSA-2023-2076 ELSA-2023-2076: libwebp security update (IMPORTANT) | больше 2 лет назад | ||
 | BDU:2023-02923 Уязвимость функции EncodeAlphaInternal() библиотеки libwebp для кодирования и декодирования изображений в формате WebP браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю вызвать отказ в обслуживании | CVSS3: 7.5 | 0% Низкий | больше 2 лет назад |
| SUSE-SU-2023:2064-1 Security update for MozillaThunderbird | больше 2 лет назад |
Уязвимостей на страницу