VulnerableCode Package Details - pkg:conan/libwebp@1.3.1

Search for packages

Vulnerability	Summary	Fixed by
VCID-vdzj-kqfy-d3b7 Aliases: CVE-2023-4863 GHSA-j7hp-h8jx-5ppr	libwebp: OOB write in BuildHuffmanTable Heap buffer overflow in libwebp allow a remote attacker to perform an out of bounds memory write via a crafted HTML page.	1.3.2 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-vdzj-kqfy-d3b7
Aliases:
CVE-2023-4863
GHSA-j7hp-h8jx-5ppr

libwebp: OOB write in BuildHuffmanTable Heap buffer overflow in libwebp allow a remote attacker to perform an out of bounds memory write via a crafted HTML page.

1.3.2
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
VCID-5hzf-gdbj-8ud8	Double Free There exists a use after free/double free in libwebp. An attacker can use the ApplyFiltersAndEncode() function and loop through to free best.bw and assign best = trial pointer. The second loop will then return 0 because of an Out of memory error in VP8 encoder, the pointer is still assigned to trial and the AddressSanitizer will attempt a double free.	CVE-2023-1999

Vulnerability

Summary

Aliases

VCID-5hzf-gdbj-8ud8

Double Free There exists a use after free/double free in libwebp. An attacker can use the ApplyFiltersAndEncode() function and loop through to free best.bw and assign best = trial pointer. The second loop will then return 0 because of an Out of memory error in VP8 encoder, the pointer is still assigned to trial and the AddressSanitizer will attempt a double free.

CVE-2023-1999

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T22:38:04.076556+00:00	GitLab Importer	Affected by	VCID-vdzj-kqfy-d3b7	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libwebp/CVE-2023-4863.yml	38.4.0
2026-04-16T22:32:04.021511+00:00	GitLab Importer	Fixing	VCID-5hzf-gdbj-8ud8	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libwebp/CVE-2023-1999.yml	38.4.0
2026-04-11T23:57:23.929995+00:00	GitLab Importer	Affected by	VCID-vdzj-kqfy-d3b7	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libwebp/CVE-2023-4863.yml	38.3.0
2026-04-11T23:50:52.380868+00:00	GitLab Importer	Fixing	VCID-5hzf-gdbj-8ud8	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libwebp/CVE-2023-1999.yml	38.3.0
2026-04-03T00:00:26.330385+00:00	GitLab Importer	Affected by	VCID-vdzj-kqfy-d3b7	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libwebp/CVE-2023-4863.yml	38.1.0
2026-04-02T23:54:06.811305+00:00	GitLab Importer	Fixing	VCID-5hzf-gdbj-8ud8	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libwebp/CVE-2023-1999.yml	38.1.0
2026-04-01T12:51:26.880947+00:00	GitLab Importer	Fixing	VCID-5hzf-gdbj-8ud8	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libwebp/CVE-2023-1999.yml	38.0.0