ALAS2-2023-2031 --- libwebpID: oval:org.secpod.oval:def:1701295 | Date: (C)2023-05-08 (M)2023-11-10 |
Class: PATCH | Family: unix |
A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds read was found in function ChunkVerifyAndAssign. The highest threat from this vulnerability is to data confidentiality and to the service availability. A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds read was found in function ChunkAssignData. The highest threat from this vulnerability is to data confidentiality and to the service availability