Vulnerabilities > Webmproject

DATE CVE VULNERABILITY TITLE RISK
2021-05-21 CVE-2020-36328 A flaw was found in libwebp in versions before 1.0.1.
network
low complexity
webmproject redhat netapp debian apple
critical
9.8
2021-05-21 CVE-2020-36329 Use After Free vulnerability in multiple products
A flaw was found in libwebp in versions before 1.0.1.
network
low complexity
webmproject redhat netapp debian apple CWE-416
critical
9.8
2021-05-21 CVE-2020-36330 Out-of-bounds Read vulnerability in multiple products
A flaw was found in libwebp in versions before 1.0.1.
network
low complexity
webmproject debian redhat netapp apple CWE-125
critical
9.1
2021-05-21 CVE-2020-36331 Out-of-bounds Read vulnerability in multiple products
A flaw was found in libwebp in versions before 1.0.1.
network
low complexity
webmproject redhat netapp debian apple CWE-125
critical
9.1
2021-05-21 CVE-2020-36332 Resource Exhaustion vulnerability in multiple products
A flaw was found in libwebp in versions before 1.0.1.
network
low complexity
webmproject redhat debian netapp CWE-400
7.5
2019-05-23 CVE-2016-9969 Double Free vulnerability in Webmproject Libwebp 0.5.1
In libwebp 0.5.1, there is a double free bug in libwebpmux.
network
high complexity
webmproject CWE-415
7.5
2019-03-13 CVE-2019-9746 NULL Pointer Dereference vulnerability in Webmproject Libwebm
In libwebm before 2019-03-08, a NULL pointer dereference caused by the functions OutputCluster and OutputTracks in webm_info.cc will trigger an abort, which allows a DoS attack, a similar issue to CVE-2018-19212.
network
low complexity
webmproject CWE-476
7.5
2018-11-12 CVE-2018-19212 Always-Incorrect Control Flow Implementation vulnerability in Webmproject Libwebm
In libwebm through 2018-10-03, there is an abort caused by libwebm::Webm2Pes::InitWebmParser() that will lead to a DoS attack.
network
low complexity
webmproject CWE-670
6.5
2018-02-02 CVE-2018-6548 Use After Free vulnerability in Webmproject Libwebm
A use-after-free issue was discovered in libwebm through 2018-02-02.
network
low complexity
webmproject CWE-416
critical
9.8
2018-01-30 CVE-2018-6406 Out-of-bounds Read vulnerability in Webmproject Libwebm
The function ParseVP9SuperFrameIndex in common/libwebm_util.cc in libwebm through 2018-01-30 does not validate the child_frame_length data obtained from a .webm file, which allows remote attackers to cause an information leak or a denial of service (heap-based buffer over-read and later out-of-bounds write), or possibly have unspecified other impact.
network
low complexity
webmproject CWE-125
8.8