Required CVE Record Information
Description
A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds read was found in function ChunkAssignData. The highest threat from this vulnerability is to data confidentiality and to the service availability.
References 7 Total
- https://bugzilla.redhat.com/show_bug.cgi?id=1956856
- lists.debian.org: [debian-lts-announce] 20210605 [SECURITY] [DLA 2672-1] libwebp security update mailing-list
- lists.debian.org: [debian-lts-announce] 20210606 [SECURITY] [DLA 2677-1] libwebp security update mailing-list
- debian.org: DSA-4930 vendor-advisory
- https://support.apple.com/kb/HT212601
- seclists.org: 20210723 APPLE-SA-2021-07-21-1 iOS 14.7 and iPadOS 14.7 mailing-list
- https://security.netapp.com/advisory/ntap-20211112-0001/
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 7 Total
- https://bugzilla.redhat.com/show_bug.cgi?id=1956856 x_transferred
- lists.debian.org: [debian-lts-announce] 20210605 [SECURITY] [DLA 2672-1] libwebp security update mailing-listx_transferred
- lists.debian.org: [debian-lts-announce] 20210606 [SECURITY] [DLA 2677-1] libwebp security update mailing-listx_transferred
- debian.org: DSA-4930 vendor-advisoryx_transferred
- https://support.apple.com/kb/HT212601 x_transferred
- seclists.org: 20210723 APPLE-SA-2021-07-21-1 iOS 14.7 and iPadOS 14.7 mailing-listx_transferred
- https://security.netapp.com/advisory/ntap-20211112-0001/ x_transferred