Vulnerabilities > CVE-2020-36328 - Out-of-bounds Write vulnerability in multiple products

A flaw was found in libwebp in versions before 1.0.1. A heap-based buffer overflow in function WebPDecodeRGBInto is possible due to an invalid check for buffer size. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Vulnerable Configurations

Part	Description	Count
Application	Webmproject Webmproject Libwebp - Webmproject Libwebp 0.1.2 Webmproject Libwebp 0.1.3 Webmproject Libwebp 0.1.99 Webmproject Libwebp 0.2.0 Webmproject Libwebp 0.2.1 Webmproject Libwebp 0.3.0 Webmproject Libwebp 0.3.1 Webmproject Libwebp 0.4.0 Webmproject Libwebp 0.4.1 Webmproject Libwebp 0.4.2 Webmproject Libwebp 0.4.3 Webmproject Libwebp 0.4.4 Webmproject Libwebp 0.5.0 Webmproject Libwebp 0.5.1 Webmproject Libwebp 0.5.2 Webmproject Libwebp 0.6.0 Webmproject Libwebp 0.6.1 Webmproject Libwebp 1.0.0	19
Application	Netapp Netapp Ontap Select Deploy Administration Utility -	1
OS	Redhat Redhat Enterprise Linux 7.0 Redhat Enterprise Linux 8.0	2
OS	Debian Debian Debian Linux 9.0 Debian Debian Linux 10.0	2
OS	Apple Apple Ipados 14.7 Apple Iphone OS 14.7	2

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References