rpm package
suse/libwebp&distro=SUSE Linux Enterprise Module for Package Hub 15 SP4
pkg:rpm/suse/libwebp&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP4
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-4863 | — | KEV | < 1.0.3-150200.3.10.1 | 1.0.3-150200.3.10.1 | Sep 12, 2023 | Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical) | |
| CVE-2023-1999 | — | < 1.0.3-150200.3.5.1 | 1.0.3-150200.3.5.1 | Jun 20, 2023 | There exists a use after free/double free in libwebp. An attacker can use the ApplyFiltersAndEncode() function and loop through to free best.bw and assign best = trial pointer. The second loop will then return 0 because of an Out of memory error in VP8 encoder, the pointer is sti |
- affected < 1.0.3-150200.3.10.1fixed 1.0.3-150200.3.10.1
Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical)
- CVE-2023-1999Jun 20, 2023affected < 1.0.3-150200.3.5.1fixed 1.0.3-150200.3.5.1
There exists a use after free/double free in libwebp. An attacker can use the ApplyFiltersAndEncode() function and loop through to free best.bw and assign best = trial pointer. The second loop will then return 0 because of an Out of memory error in VP8 encoder, the pointer is sti