VulnerableCode Package Details - pkg:conan/libwebp@1.1.0

Search for packages

Vulnerability	Summary	Fixed by
VCID-5hzf-gdbj-8ud8 Aliases: CVE-2023-1999	Double Free There exists a use after free/double free in libwebp. An attacker can use the ApplyFiltersAndEncode() function and loop through to free best.bw and assign best = trial pointer. The second loop will then return 0 because of an Out of memory error in VP8 encoder, the pointer is still assigned to trial and the AddressSanitizer will attempt a double free.	1.3.1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-vdzj-kqfy-d3b7 Aliases: CVE-2023-4863 GHSA-j7hp-h8jx-5ppr	libwebp: OOB write in BuildHuffmanTable Heap buffer overflow in libwebp allow a remote attacker to perform an out of bounds memory write via a crafted HTML page.	1.3.2 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-5hzf-gdbj-8ud8
Aliases:
CVE-2023-1999

Double Free There exists a use after free/double free in libwebp. An attacker can use the ApplyFiltersAndEncode() function and loop through to free best.bw and assign best = trial pointer. The second loop will then return 0 because of an Out of memory error in VP8 encoder, the pointer is still assigned to trial and the AddressSanitizer will attempt a double free.

1.3.1
Affected by 1 other vulnerability.

VCID-vdzj-kqfy-d3b7
Aliases:
CVE-2023-4863
GHSA-j7hp-h8jx-5ppr

libwebp: OOB write in BuildHuffmanTable Heap buffer overflow in libwebp allow a remote attacker to perform an out of bounds memory write via a crafted HTML page.

1.3.2
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Vulnerability

Summary

Aliases

This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T22:38:04.069820+00:00	GitLab Importer	Affected by	VCID-vdzj-kqfy-d3b7	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libwebp/CVE-2023-4863.yml	38.4.0
2026-04-16T22:32:04.014766+00:00	GitLab Importer	Affected by	VCID-5hzf-gdbj-8ud8	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libwebp/CVE-2023-1999.yml	38.4.0
2026-04-11T23:57:23.922689+00:00	GitLab Importer	Affected by	VCID-vdzj-kqfy-d3b7	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libwebp/CVE-2023-4863.yml	38.3.0
2026-04-11T23:50:52.372957+00:00	GitLab Importer	Affected by	VCID-5hzf-gdbj-8ud8	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libwebp/CVE-2023-1999.yml	38.3.0
2026-04-03T00:00:26.323110+00:00	GitLab Importer	Affected by	VCID-vdzj-kqfy-d3b7	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libwebp/CVE-2023-4863.yml	38.1.0
2026-04-02T23:54:06.803248+00:00	GitLab Importer	Affected by	VCID-5hzf-gdbj-8ud8	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libwebp/CVE-2023-1999.yml	38.1.0