Lucene search
Veracode Vulnerability DatabaseVERACODE:33122HistoryNov 28, 2021 - 12:40 a.m.
Denial Of Service (DoS)
2021-11-2800:40:48
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
10
0.004 Low
EPSS
Percentile
74.4%
libwebp is vulnerable to denial of service. The vulnerability exists due to the out-of-bound read in the ChunkVerifyAndAssign function, allowing an attacker to cause an application crash.
| CPE | Name | Operator | Version |
|---|---|---|---|
| libwebp | eq | 1.0.0__1.el8 | |
| libwebp | eq | 1.0.0__3.el8_4 | |
| libwebp | eq | 1.0.0__1.el8 | |
| libwebp | eq | 1.0.0__3.el8_4 |
References
seclists.org/fulldisclosure/2021/Jul/54
access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.5_release_notes/
access.redhat.com/errata/RHSA-2021:4231
access.redhat.com/security/updates/classification/#moderate
bugzilla.redhat.com/show_bug.cgi?id=1956853
lists.debian.org/debian-lts-announce/2021/06/msg00005.html
lists.debian.org/debian-lts-announce/2021/06/msg00006.html
security.netapp.com/advisory/ntap-20211104-0004/
support.apple.com/kb/HT212601
www.debian.org/security/2021/dsa-4930
Related
cbl_mariner
cbl_mariner
CVE-2020-36330 affecting package libwebp 1.0.0-4
2021-06-09 03:50:29
cvelist
cvelist
CVE-2020-36330
2021-05-21 16:19:44
cve
cve
CVE-2020-36330
2021-05-21 17:15:08
redhatcve
redhatcve
CVE-2020-36330
2021-05-04 20:22:01
ubuntucve
ubuntucve
CVE-2020-36330
2020-12-31 00:00:00
prion
prion
Design/Logic Flaw
2021-05-21 17:15:00
osv
osv
CVE-2020-36330
2021-05-21 17:15:08
Moderate: libwebp security update
2021-11-09 08:47:24
Moderate: libwebp security update
2021-11-09 08:47:24
nvd
nvd
CVE-2020-36330
2021-05-21 17:15:08
debiancve
debiancve
CVE-2020-36330
2021-05-21 17:15:08
amazon
amazon
Medium: libwebp
2023-04-27 16:19:00
Medium: libwebp
2023-04-27 18:37:00
nessus
nessus
Amazon Linux AMI : libwebp (ALAS-2023-1740)
2023-05-04 00:00:00
Amazon Linux 2 : libwebp (ALAS-2023-2031)
2023-05-02 00:00:00
AlmaLinux 8 : libwebp (ALSA-2021:4231)
2022-02-09 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2023-2184
2023-07-11 11:09:54
f5
f5
K14760551 : Multiple libwebp vulnerabilities
2022-03-17 00:00:00
rocky
rocky
libwebp security update
2021-11-09 08:47:24
oraclelinux
oraclelinux
libwebp security update
2021-11-16 00:00:00
almalinux
almalinux
Moderate: libwebp security update
2021-11-09 08:47:24
openvas
openvas
Huawei EulerOS: Security Advisory for libwebp (EulerOS-SA-2021-2338)
2021-09-04 00:00:00
SUSE: Security Advisory (SUSE-SU-2021:1830-1)
2021-06-09 00:00:00
Huawei EulerOS: Security Advisory for libwebp (EulerOS-SA-2021-2403)
2021-09-15 00:00:00
redhat
redhat
(RHSA-2021:4231) Moderate: libwebp security update
2021-11-09 08:47:24
(RHSA-2021:5129) Moderate: Openshift Logging security and bug update (5.3.1)
2021-12-14 16:46:20
(RHSA-2021:5128) Moderate: Openshift Logging security and bug update (5.1.5)
2021-12-14 16:46:13
debian
debian
[SECURITY] [DLA 2672-1] libwebp security update
2021-06-05 17:43:33
[SECURITY] [DLA 2677-1] libwebp security update
2021-06-06 18:38:17
[SECURITY] [DSA 4930-1] libwebp security update
2021-06-10 21:04:30
suse
suse
Security update for libwebp (critical)
2021-07-11 00:00:00
ubuntu
ubuntu
libwebp vulnerabilities
2021-06-01 00:00:00
libwebp vulnerabilities
2021-06-10 00:00:00
photon
photon
Critical Photon OS Security Update - PHSA-2021-0244
2021-05-27 00:00:00
Critical Photon OS Security Update - PHSA-2021-3.0-0244
2021-05-28 00:00:00
qualysblog
qualysblog
cloudfoundry
cloudfoundry
USN-4971-1: libwebp vulnerabilities | Cloud Foundry
2021-06-11 00:00:00
apple
apple
About the security content of iOS 14.7 and iPadOS 14.7
2021-07-21 00:00:00
About the security content of iOS 14.7 and iPadOS 14.7
2021-07-19 00:00:00
threatpost
threatpost
Apple Issues Urgent iPhone Updates; None for Pegasus Zero-Day
2021-07-22 16:18:25
ibm
ibm