CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0CVE-2018-25014 – libwebp: use of uninitialized value in ReadSymbol()
https://notcve.org/view.php?id=CVE-2018-25014
A use of uninitialized value was found in libwebp in versions before 1.0.1 in ReadSymbol(). Se encontró un uso de valor no inicializado en libwebp en versiones anteriores a la 1.0.1 en ReadSymbol() A flaw was found in libwebp. An unitialized variable is used in function ReadSymbol. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. • https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9496 https://bugzilla.redhat.com/show_bug.cgi?id=1956927 https://chromium.googlesource.com/webm/libwebp/+log/78ad57a36ad69a9c22874b182d49d64125c380f2..907208f97ead639bd52 https://access.redhat.com/security/cve/CVE-2018-25014 • CWE-908: Use of Uninitialized Resource •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0CVE-2018-25011 – libwebp: heap-based buffer overflow in PutLE16()
https://notcve.org/view.php?id=CVE-2018-25011
A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in PutLE16(). Se encontró un desbordamiento de búfer basado en la pila en libwebp en versiones anteriores a la 1.0.1 en PutLE16() A flaw was found in libwebp. A heap-based buffer overflow was found in PutLE16(). The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. • https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9119 https://bugzilla.redhat.com/show_bug.cgi?id=1956919 https://chromium.googlesource.com/webm/libwebp/+/v1.0.1 https://chromium.googlesource.com/webm/libwebp/+log/be738c6d396fa5a272c1b209be4379a7532debfe..29fb8562c60b5a919a75d904ff7366af423f8ab9?pretty=fuller&n=10000 https://access.redhat.com/security/cve/CVE-2018-25011 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 8EXPL: 0CVE-2020-36329 – libwebp: use-after-free in EmitFancyRGB() in dec/io_dec.c
https://notcve.org/view.php?id=CVE-2020-36329
A flaw was found in libwebp in versions before 1.0.1. A use-after-free was found due to a thread being killed too early. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. Se encontró un fallo en libwebp en versiones anteriores a 1.0.1. Se encontró un uso de la memoria previamente liberada debido a que un subproceso se eliminó demasiado pronto. • http://seclists.org/fulldisclosure/2021/Jul/54 https://bugzilla.redhat.com/show_bug.cgi?id=1956843 https://lists.debian.org/debian-lts-announce/2021/06/msg00005.html https://lists.debian.org/debian-lts-announce/2021/06/msg00006.html https://security.netapp.com/advisory/ntap-20211112-0001 https://support.apple.com/kb/HT212601 https://www.debian.org/security/2021/dsa-4930 https://access.redhat.com/security/cve/CVE-2020-36329 • CWE-416: Use After Free •
CVSS: 9.8EPSS: 0%CPEs: 8EXPL: 0CVE-2020-36328 – libwebp: heap-based buffer overflow in WebPDecode*Into functions
https://notcve.org/view.php?id=CVE-2020-36328
A flaw was found in libwebp in versions before 1.0.1. A heap-based buffer overflow in function WebPDecodeRGBInto is possible due to an invalid check for buffer size. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. Se encontró un fallo en libwebp en versiones anteriores a 1.0.1. Un desbordamiento del búfer en la región heap de la memoria en la función WebPDecodeRGBInto es posible debido a una verificación no válida del tamaño del búfer. • http://seclists.org/fulldisclosure/2021/Jul/54 https://bugzilla.redhat.com/show_bug.cgi?id=1956829 https://lists.debian.org/debian-lts-announce/2021/06/msg00005.html https://lists.debian.org/debian-lts-announce/2021/06/msg00006.html https://security.netapp.com/advisory/ntap-20211112-0001 https://support.apple.com/kb/HT212601 https://www.debian.org/security/2021/dsa-4930 https://access.redhat.com/security/cve/CVE-2020-36328 • CWE-787: Out-of-bounds Write •
CVSS: 5.3EPSS: 0%CPEs: 4EXPL: 1CVE-2021-20201 – spice: Client initiated renegotiation denial of service
https://notcve.org/view.php?id=CVE-2021-20201
A flaw was found in spice in versions before 0.14.92. A DoS tool might make it easier for remote attackers to cause a denial of service (CPU consumption) by performing many renegotiations within a single connection. Se encontró un fallo en spice en versiones anteriores a 0.14.92. Una herramienta DoS podría facilitar a atacantes remotos causar una denegación de servicio (consumo de CPU) al llevar a cabo muchas renegociaciones dentro de una sola conexión A flaw was found in spice. A DoS tool might make it easier for remote attackers to cause a denial of service (CPU consumption) by performing many renegotiations within a single connection. • https://blog.qualys.com/product-tech/2011/10/31/tls-renegotiation-and-denial-of-service-attacks https://bugzilla.redhat.com/show_bug.cgi?id=1921846 https://security.gentoo.org/glsa/202208-10 https://access.redhat.com/security/cve/CVE-2021-20201 • CWE-400: Uncontrolled Resource Consumption •