汇总 webmproject 相关全部产品的 CVE 与安全漏洞情报,包括 CVSS、EPSS、公开时间与漏洞情报数据。
已披露问题常与 缓冲区溢出、内存损坏与输入验证问题 相关,可能在 生产负载与软件部署 场景中带来 内存损坏与异常行为 等暴露风险。
相关漏洞数据主要来源于公开漏洞披露与安全公告,可用于评估历史漏洞暴露面与修复优先级。
| CVE | 摘要 | 来源 | 最高 CVSS | EPSS % | 公开时间 | 更新时间 |
|---|---|---|---|---|---|---|
| CVE-2024-5197 | There exists interger overflows in libvpx in versions prior to 1.14.1. Calling vpx_img_alloc() with a large value of the d_w, d_h, or align parameter may result in integer overflows in the calculations of buffer sizes and offsets and some fields of the returned vpx_image_t struct may be invalid. Calling vpx_img_wrap() with a large value of the d_w, d_h, or stride_align parameter may result in integer overflows in the calculations of buffer sizes and offsets and some fields of the returned vpx_im | [email protected] | 5.9 | 0.33% | 2024-06-03 | 2025-07-22 |
| CVE-2023-6349 | A heap overflow vulnerability exists in libvpx - Encoding a frame that has larger dimensions than the originally configured size with VP9 may result in a heap overflow in libvpx. We recommend upgrading to version 1.13.1 or above | [email protected] | 5.7 | 0.12% | 2024-05-27 | 2025-07-22 |
| CVE-2023-44488 | VP9 in libvpx before 1.13.1 mishandles widths, leading to a crash related to encoding. | [email protected] | 7.5 | 1.45% | 2023-09-30 | 2024-11-21 |
| CVE-2023-5217 KEV | Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | [email protected] | 8.8 | 4.98% | 2023-09-28 | 2025-10-24 |
| CVE-2023-4863 KEV | Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical) | [email protected] | 8.8 | 93.30% | 2023-09-12 | 2025-10-24 |
| CVE-2023-1999 | There exists a use after free/double free in libwebp. An attacker can use the ApplyFiltersAndEncode() function and loop through to free best.bw and assign best = trial pointer. The second loop will then return 0 because of an Out of memory error in VP8 encoder, the pointer is still assigned to trial and the AddressSanitizer will attempt a double free. | [email protected] | 5.3 | 0.36% | 2023-06-20 | 2025-02-13 |
| CVE-2020-36332 | A flaw was found in libwebp in versions before 1.0.1. When reading a file libwebp allocates an excessive amount of memory. The highest threat from this vulnerability is to the service availability. | [email protected] | 7.5 | 0.82% | 2021-05-21 | 2024-11-21 |
| CVE-2020-36331 | A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds read was found in function ChunkAssignData. The highest threat from this vulnerability is to data confidentiality and to the service availability. | [email protected] | 9.1 | 0.41% | 2021-05-21 | 2024-11-21 |
| CVE-2020-36330 | A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds read was found in function ChunkVerifyAndAssign. The highest threat from this vulnerability is to data confidentiality and to the service availability. | [email protected] | 9.1 | 0.40% | 2021-05-21 | 2024-11-21 |
| CVE-2020-36329 | A flaw was found in libwebp in versions before 1.0.1. A use-after-free was found due to a thread being killed too early. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | [email protected] | 9.8 | 0.50% | 2021-05-21 | 2024-11-21 |
| CVE-2020-36328 | A flaw was found in libwebp in versions before 1.0.1. A heap-based buffer overflow in function WebPDecodeRGBInto is possible due to an invalid check for buffer size. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | [email protected] | 9.8 | 0.53% | 2021-05-21 | 2024-11-21 |
| CVE-2018-25014 | A use of uninitialized value was found in libwebp in versions before 1.0.1 in ReadSymbol(). | [email protected] | 9.8 | 0.44% | 2021-05-21 | 2024-11-21 |
| CVE-2018-25013 | A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in ShiftBytes(). | [email protected] | 9.1 | 0.57% | 2021-05-21 | 2024-11-21 |
| CVE-2018-25012 | A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in GetLE24(). | [email protected] | 9.1 | 0.57% | 2021-05-21 | 2024-11-21 |
| CVE-2018-25011 | A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in PutLE16(). | [email protected] | 9.8 | 0.38% | 2021-05-21 | 2024-11-21 |
| CVE-2018-25010 | A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in ApplyFilter(). | [email protected] | 9.1 | 0.51% | 2021-05-21 | 2024-11-21 |
| CVE-2018-25009 | A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in GetLE16(). | [email protected] | 9.1 | 0.45% | 2021-05-21 | 2024-11-21 |
| CVE-2016-9969 | In libwebp 0.5.1, there is a double free bug in libwebpmux. | [email protected] | 7.5 | 0.21% | 2019-05-23 | 2024-11-21 |
| CVE-2019-9746 | In libwebm before 2019-03-08, a NULL pointer dereference caused by the functions OutputCluster and OutputTracks in webm_info.cc will trigger an abort, which allows a DoS attack, a similar issue to CVE-2018-19212. | [email protected] | 7.5 | 0.34% | 2019-03-13 | 2024-11-21 |
| CVE-2018-19212 | In libwebm through 2018-10-03, there is an abort caused by libwebm::Webm2Pes::InitWebmParser() that will lead to a DoS attack. | [email protected] | 6.5 | 0.24% | 2018-11-12 | 2024-11-21 |