Логотип exploitDog
bind:"CVE-2023-1999"
Консоль
Логотип exploitDog

exploitDog

bind:"CVE-2023-1999"

Количество 16

Количество 16

ubuntu логотип

CVE-2023-1999

около 2 лет назад

There exists a use after free/double free in libwebp. An attacker can use the ApplyFiltersAndEncode() function and loop through to free best.bw and assign best = trial pointer. The second loop will then return 0 because of an Out of memory error in VP8 encoder, the pointer is still assigned to trial and the AddressSanitizer will attempt a double free.

CVSS3: 5.3
EPSS: Низкий
redhat логотип

CVE-2023-1999

больше 2 лет назад

There exists a use after free/double free in libwebp. An attacker can use the ApplyFiltersAndEncode() function and loop through to free best.bw and assign best = trial pointer. The second loop will then return 0 because of an Out of memory error in VP8 encoder, the pointer is still assigned to trial and the AddressSanitizer will attempt a double free.

CVSS3: 7.5
EPSS: Низкий
nvd логотип

CVE-2023-1999

около 2 лет назад

There exists a use after free/double free in libwebp. An attacker can use the ApplyFiltersAndEncode() function and loop through to free best.bw and assign best = trial pointer. The second loop will then return 0 because of an Out of memory error in VP8 encoder, the pointer is still assigned to trial and the AddressSanitizer will attempt a double free.

CVSS3: 5.3
EPSS: Низкий
msrc логотип

CVE-2023-1999

почти 2 года назад

Chromium: CVE-2023-1999 Use after free in libwebp

EPSS: Низкий
debian логотип

CVE-2023-1999

около 2 лет назад

There exists a use after free/double free in libwebp. An attacker can ...

CVSS3: 5.3
EPSS: Низкий
suse-cvrf логотип

SUSE-SU-2023:2552-1

около 2 лет назад

Security update for libwebp

EPSS: Низкий
suse-cvrf логотип

SUSE-SU-2023:2490-1

около 2 лет назад

Security update for libwebp

EPSS: Низкий
suse-cvrf логотип

SUSE-SU-2023:2467-1

около 2 лет назад

Security update for libwebp

EPSS: Низкий
rocky логотип

RLSA-2023:2078

больше 2 лет назад

Important: libwebp security update

EPSS: Низкий
rocky логотип

RLSA-2023:2076

около 2 лет назад

Important: libwebp security update

EPSS: Низкий
github логотип

GHSA-8x9p-cw2c-6253

около 2 лет назад

There exists a use after free/double free in libwebp. An attacker can use the ApplyFiltersAndEncode() function and loop through to free best.bw and assign best = trial pointer. The second loop will then return 0 because of an Out of memory error in VP8 encoder, the pointer is still assigned to trial and the AddressSanitizer will attempt a double free. 

CVSS3: 5.3
EPSS: Низкий
oracle-oval логотип

ELSA-2023-2078

больше 2 лет назад

ELSA-2023-2078: libwebp security update (IMPORTANT)

EPSS: Низкий
oracle-oval логотип

ELSA-2023-2077

больше 2 лет назад

ELSA-2023-2077: libwebp security update (IMPORTANT)

EPSS: Низкий
oracle-oval логотип

ELSA-2023-2076

больше 2 лет назад

ELSA-2023-2076: libwebp security update (IMPORTANT)

EPSS: Низкий
fstec логотип

BDU:2023-02923

больше 2 лет назад

Уязвимость функции EncodeAlphaInternal() библиотеки libwebp для кодирования и декодирования изображений в формате WebP браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю вызвать отказ в обслуживании

CVSS3: 7.5
EPSS: Низкий
suse-cvrf логотип

SUSE-SU-2023:2064-1

больше 2 лет назад

Security update for MozillaThunderbird

EPSS: Низкий

Уязвимостей на страницу

Уязвимость
CVSS
EPSS
Опубликовано
ubuntu логотип
CVE-2023-1999

There exists a use after free/double free in libwebp. An attacker can use the ApplyFiltersAndEncode() function and loop through to free best.bw and assign best = trial pointer. The second loop will then return 0 because of an Out of memory error in VP8 encoder, the pointer is still assigned to trial and the AddressSanitizer will attempt a double free.

CVSS3: 5.3
0%
Низкий
около 2 лет назад
redhat логотип
CVE-2023-1999

There exists a use after free/double free in libwebp. An attacker can use the ApplyFiltersAndEncode() function and loop through to free best.bw and assign best = trial pointer. The second loop will then return 0 because of an Out of memory error in VP8 encoder, the pointer is still assigned to trial and the AddressSanitizer will attempt a double free.

CVSS3: 7.5
0%
Низкий
больше 2 лет назад
nvd логотип
CVE-2023-1999

There exists a use after free/double free in libwebp. An attacker can use the ApplyFiltersAndEncode() function and loop through to free best.bw and assign best = trial pointer. The second loop will then return 0 because of an Out of memory error in VP8 encoder, the pointer is still assigned to trial and the AddressSanitizer will attempt a double free.

CVSS3: 5.3
0%
Низкий
около 2 лет назад
msrc логотип
CVE-2023-1999

Chromium: CVE-2023-1999 Use after free in libwebp

0%
Низкий
почти 2 года назад
debian логотип
CVE-2023-1999

There exists a use after free/double free in libwebp. An attacker can ...

CVSS3: 5.3
0%
Низкий
около 2 лет назад
suse-cvrf логотип
SUSE-SU-2023:2552-1

Security update for libwebp

0%
Низкий
около 2 лет назад
suse-cvrf логотип
SUSE-SU-2023:2490-1

Security update for libwebp

0%
Низкий
около 2 лет назад
suse-cvrf логотип
SUSE-SU-2023:2467-1

Security update for libwebp

0%
Низкий
около 2 лет назад
rocky логотип
RLSA-2023:2078

Important: libwebp security update

0%
Низкий
больше 2 лет назад
rocky логотип
RLSA-2023:2076

Important: libwebp security update

0%
Низкий
около 2 лет назад
github логотип
GHSA-8x9p-cw2c-6253

There exists a use after free/double free in libwebp. An attacker can use the ApplyFiltersAndEncode() function and loop through to free best.bw and assign best = trial pointer. The second loop will then return 0 because of an Out of memory error in VP8 encoder, the pointer is still assigned to trial and the AddressSanitizer will attempt a double free. 

CVSS3: 5.3
0%
Низкий
около 2 лет назад
oracle-oval логотип
ELSA-2023-2078

ELSA-2023-2078: libwebp security update (IMPORTANT)

больше 2 лет назад
oracle-oval логотип
ELSA-2023-2077

ELSA-2023-2077: libwebp security update (IMPORTANT)

больше 2 лет назад
oracle-oval логотип
ELSA-2023-2076

ELSA-2023-2076: libwebp security update (IMPORTANT)

больше 2 лет назад
fstec логотип
BDU:2023-02923

Уязвимость функции EncodeAlphaInternal() библиотеки libwebp для кодирования и декодирования изображений в формате WebP браузеров Mozilla Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю вызвать отказ в обслуживании

CVSS3: 7.5
0%
Низкий
больше 2 лет назад
suse-cvrf логотип
SUSE-SU-2023:2064-1

Security update for MozillaThunderbird

больше 2 лет назад

Уязвимостей на страницу