rpm package
suse/libwebp&distro=SUSE Linux Enterprise Workstation Extension 15 SP4
pkg:rpm/suse/libwebp&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP4
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-4863 | — | KEV | < 0.5.0-150000.3.14.1 | 0.5.0-150000.3.14.1 | Sep 12, 2023 | Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical) | |
| CVE-2023-1999 | — | < 0.5.0-150000.3.11.1 | 0.5.0-150000.3.11.1 | Jun 20, 2023 | There exists a use after free/double free in libwebp. An attacker can use the ApplyFiltersAndEncode() function and loop through to free best.bw and assign best = trial pointer. The second loop will then return 0 because of an Out of memory error in VP8 encoder, the pointer is sti |
- affected < 0.5.0-150000.3.14.1fixed 0.5.0-150000.3.14.1
Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical)
- CVE-2023-1999Jun 20, 2023affected < 0.5.0-150000.3.11.1fixed 0.5.0-150000.3.11.1
There exists a use after free/double free in libwebp. An attacker can use the ApplyFiltersAndEncode() function and loop through to free best.bw and assign best = trial pointer. The second loop will then return 0 because of an Out of memory error in VP8 encoder, the pointer is sti