Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/libwebp@0.6.1-2%2Bdeb10u1
purl pkg:deb/debian/libwebp@0.6.1-2%2Bdeb10u1
Next non-vulnerable version 0.6.1-2.1+deb11u2
Latest non-vulnerable version 0.6.1-2.1+deb11u2
Risk 10.0
Vulnerabilities affecting this package (13)
Vulnerability Summary Fixed by
VCID-5hzf-gdbj-8ud8
Aliases:
CVE-2023-1999
Double Free There exists a use after free/double free in libwebp. An attacker can use the ApplyFiltersAndEncode() function and loop through to free best.bw and assign best = trial pointer. The second loop will then return 0 because of an Out of memory error in VP8 encoder, the pointer is still assigned to trial and the AddressSanitizer will attempt a double free.
0.6.1-2.1+deb11u2
Affected by 0 other vulnerabilities.
VCID-6z14-frdw-r3dh
Aliases:
CVE-2018-25010
libwebp: out-of-bounds read in ApplyFilter()
0.6.1-2.1+deb11u2
Affected by 0 other vulnerabilities.
VCID-8nht-54x7-gqf1
Aliases:
CVE-2020-36332
libwebp: excessive memory allocation when reading a file
0.6.1-2.1+deb11u2
Affected by 0 other vulnerabilities.
VCID-9jcb-yrmd-7uen
Aliases:
CVE-2020-36328
libwebp: heap-based buffer overflow in WebPDecode*Into functions
0.6.1-2.1+deb11u2
Affected by 0 other vulnerabilities.
VCID-e3uc-36mx-mbfv
Aliases:
CVE-2020-36330
libwebp: out-of-bounds read in ChunkVerifyAndAssign() in mux/muxread.c
0.6.1-2.1+deb11u2
Affected by 0 other vulnerabilities.
VCID-ecku-fk4j-s3hr
Aliases:
CVE-2020-36331
libwebp: out-of-bounds read in ChunkAssignData() in mux/muxinternal.c
0.6.1-2.1+deb11u2
Affected by 0 other vulnerabilities.
VCID-hjha-gt3s-s3e3
Aliases:
CVE-2018-25014
libwebp: use of uninitialized value in ReadSymbol()
0.6.1-2.1+deb11u2
Affected by 0 other vulnerabilities.
VCID-k4yg-g6p1-kkbz
Aliases:
CVE-2020-36329
libwebp: use-after-free in EmitFancyRGB() in dec/io_dec.c
0.6.1-2.1+deb11u2
Affected by 0 other vulnerabilities.
VCID-ms2y-xj5p-4ud9
Aliases:
CVE-2018-25012
libwebp: out-of-bounds read in WebPMuxCreateInternal()
0.6.1-2.1+deb11u2
Affected by 0 other vulnerabilities.
VCID-t16b-mbs7-wfc1
Aliases:
CVE-2018-25011
libwebp: heap-based buffer overflow in PutLE16()
0.6.1-2.1+deb11u2
Affected by 0 other vulnerabilities.
VCID-vdzj-kqfy-d3b7
Aliases:
CVE-2023-4863
GHSA-j7hp-h8jx-5ppr
libwebp: OOB write in BuildHuffmanTable Heap buffer overflow in libwebp allow a remote attacker to perform an out of bounds memory write via a crafted HTML page.
0.6.1-2.1+deb11u2
Affected by 0 other vulnerabilities.
VCID-wcer-d6dm-w3ch
Aliases:
CVE-2018-25009
libwebp: out-of-bounds read in WebPMuxCreateInternal
0.6.1-2.1+deb11u2
Affected by 0 other vulnerabilities.
VCID-yjus-jmfg-tyfv
Aliases:
CVE-2018-25013
libwebp: out-of-bounds read in ShiftBytes()
0.6.1-2.1+deb11u2
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (11)
Vulnerability Summary Aliases
VCID-6z14-frdw-r3dh libwebp: out-of-bounds read in ApplyFilter() CVE-2018-25010
VCID-8nht-54x7-gqf1 libwebp: excessive memory allocation when reading a file CVE-2020-36332
VCID-9jcb-yrmd-7uen libwebp: heap-based buffer overflow in WebPDecode*Into functions CVE-2020-36328
VCID-e3uc-36mx-mbfv libwebp: out-of-bounds read in ChunkVerifyAndAssign() in mux/muxread.c CVE-2020-36330
VCID-ecku-fk4j-s3hr libwebp: out-of-bounds read in ChunkAssignData() in mux/muxinternal.c CVE-2020-36331
VCID-hjha-gt3s-s3e3 libwebp: use of uninitialized value in ReadSymbol() CVE-2018-25014
VCID-k4yg-g6p1-kkbz libwebp: use-after-free in EmitFancyRGB() in dec/io_dec.c CVE-2020-36329
VCID-ms2y-xj5p-4ud9 libwebp: out-of-bounds read in WebPMuxCreateInternal() CVE-2018-25012
VCID-t16b-mbs7-wfc1 libwebp: heap-based buffer overflow in PutLE16() CVE-2018-25011
VCID-wcer-d6dm-w3ch libwebp: out-of-bounds read in WebPMuxCreateInternal CVE-2018-25009
VCID-yjus-jmfg-tyfv libwebp: out-of-bounds read in ShiftBytes() CVE-2018-25013

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T00:50:16.303624+00:00 Debian Oval Importer Affected by VCID-8nht-54x7-gqf1 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-16T00:13:53.685608+00:00 Debian Oval Importer Affected by VCID-ecku-fk4j-s3hr https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-16T00:04:21.244456+00:00 Debian Oval Importer Affected by VCID-e3uc-36mx-mbfv https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T23:24:11.305940+00:00 Debian Oval Importer Affected by VCID-yjus-jmfg-tyfv https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T22:22:03.012461+00:00 Debian Oval Importer Affected by VCID-k4yg-g6p1-kkbz https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T21:57:49.833382+00:00 Debian Oval Importer Affected by VCID-vdzj-kqfy-d3b7 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T21:42:56.267960+00:00 Debian Oval Importer Affected by VCID-ms2y-xj5p-4ud9 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T20:29:30.938930+00:00 Debian Oval Importer Affected by VCID-wcer-d6dm-w3ch https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T20:23:30.683629+00:00 Debian Oval Importer Affected by VCID-9jcb-yrmd-7uen https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T20:19:45.375776+00:00 Debian Oval Importer Affected by VCID-hjha-gt3s-s3e3 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T19:18:19.123344+00:00 Debian Oval Importer Affected by VCID-5hzf-gdbj-8ud8 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T17:25:03.612287+00:00 Debian Oval Importer Affected by VCID-t16b-mbs7-wfc1 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T16:35:20.836127+00:00 Debian Oval Importer Affected by VCID-6z14-frdw-r3dh https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T15:15:43.869001+00:00 Debian Oval Importer Fixing VCID-hjha-gt3s-s3e3 https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 38.4.0
2026-04-15T15:14:15.739489+00:00 Debian Oval Importer Fixing VCID-6z14-frdw-r3dh https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 38.4.0
2026-04-15T15:09:05.499206+00:00 Debian Oval Importer Fixing VCID-t16b-mbs7-wfc1 https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 38.4.0
2026-04-15T15:00:02.925876+00:00 Debian Oval Importer Fixing VCID-ecku-fk4j-s3hr https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 38.4.0
2026-04-15T14:59:03.476075+00:00 Debian Oval Importer Fixing VCID-wcer-d6dm-w3ch https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 38.4.0
2026-04-15T14:57:43.760414+00:00 Debian Oval Importer Fixing VCID-yjus-jmfg-tyfv https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 38.4.0
2026-04-15T14:54:28.040465+00:00 Debian Oval Importer Fixing VCID-ms2y-xj5p-4ud9 https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 38.4.0
2026-04-15T14:52:39.600719+00:00 Debian Oval Importer Fixing VCID-9jcb-yrmd-7uen https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 38.4.0
2026-04-15T14:52:15.154445+00:00 Debian Oval Importer Fixing VCID-k4yg-g6p1-kkbz https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 38.4.0
2026-04-15T14:44:43.436558+00:00 Debian Oval Importer Fixing VCID-e3uc-36mx-mbfv https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 38.4.0
2026-04-15T14:42:32.132964+00:00 Debian Oval Importer Fixing VCID-8nht-54x7-gqf1 https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 38.4.0
2026-04-12T00:22:45.505099+00:00 Debian Oval Importer Affected by VCID-8nht-54x7-gqf1 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T23:47:38.948751+00:00 Debian Oval Importer Affected by VCID-ecku-fk4j-s3hr https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T23:38:25.551556+00:00 Debian Oval Importer Affected by VCID-e3uc-36mx-mbfv https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T22:59:40.381763+00:00 Debian Oval Importer Affected by VCID-yjus-jmfg-tyfv https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T21:59:26.058430+00:00 Debian Oval Importer Affected by VCID-k4yg-g6p1-kkbz https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T21:36:07.035269+00:00 Debian Oval Importer Affected by VCID-vdzj-kqfy-d3b7 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T21:21:40.683366+00:00 Debian Oval Importer Affected by VCID-ms2y-xj5p-4ud9 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T20:10:55.137511+00:00 Debian Oval Importer Affected by VCID-wcer-d6dm-w3ch https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T20:05:06.419454+00:00 Debian Oval Importer Affected by VCID-9jcb-yrmd-7uen https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T20:01:26.627981+00:00 Debian Oval Importer Affected by VCID-hjha-gt3s-s3e3 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T19:01:41.621832+00:00 Debian Oval Importer Affected by VCID-5hzf-gdbj-8ud8 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T17:11:26.210667+00:00 Debian Oval Importer Affected by VCID-t16b-mbs7-wfc1 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T16:22:20.916206+00:00 Debian Oval Importer Affected by VCID-6z14-frdw-r3dh https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T15:04:04.465985+00:00 Debian Oval Importer Fixing VCID-hjha-gt3s-s3e3 https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 38.3.0
2026-04-11T15:02:34.618459+00:00 Debian Oval Importer Fixing VCID-6z14-frdw-r3dh https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 38.3.0
2026-04-11T14:57:23.989586+00:00 Debian Oval Importer Fixing VCID-t16b-mbs7-wfc1 https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 38.3.0
2026-04-11T14:48:18.588504+00:00 Debian Oval Importer Fixing VCID-ecku-fk4j-s3hr https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 38.3.0
2026-04-11T14:47:19.271372+00:00 Debian Oval Importer Fixing VCID-wcer-d6dm-w3ch https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 38.3.0
2026-04-11T14:45:59.389576+00:00 Debian Oval Importer Fixing VCID-yjus-jmfg-tyfv https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 38.3.0
2026-04-11T14:42:43.776935+00:00 Debian Oval Importer Fixing VCID-ms2y-xj5p-4ud9 https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 38.3.0
2026-04-11T14:40:54.727967+00:00 Debian Oval Importer Fixing VCID-9jcb-yrmd-7uen https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 38.3.0
2026-04-11T14:40:30.000865+00:00 Debian Oval Importer Fixing VCID-k4yg-g6p1-kkbz https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 38.3.0
2026-04-11T14:33:00.914892+00:00 Debian Oval Importer Fixing VCID-e3uc-36mx-mbfv https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 38.3.0
2026-04-11T14:30:50.645738+00:00 Debian Oval Importer Fixing VCID-8nht-54x7-gqf1 https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 38.3.0
2026-04-08T23:53:27.115730+00:00 Debian Oval Importer Affected by VCID-8nht-54x7-gqf1 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T23:19:51.969891+00:00 Debian Oval Importer Affected by VCID-ecku-fk4j-s3hr https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T23:10:58.308937+00:00 Debian Oval Importer Affected by VCID-e3uc-36mx-mbfv https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T22:33:50.209944+00:00 Debian Oval Importer Affected by VCID-yjus-jmfg-tyfv https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T21:36:35.742153+00:00 Debian Oval Importer Affected by VCID-k4yg-g6p1-kkbz https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T21:14:15.488381+00:00 Debian Oval Importer Affected by VCID-vdzj-kqfy-d3b7 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T21:00:21.108651+00:00 Debian Oval Importer Affected by VCID-ms2y-xj5p-4ud9 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T19:52:11.159457+00:00 Debian Oval Importer Affected by VCID-wcer-d6dm-w3ch https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T19:46:40.994158+00:00 Debian Oval Importer Affected by VCID-9jcb-yrmd-7uen https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T19:43:09.972729+00:00 Debian Oval Importer Affected by VCID-hjha-gt3s-s3e3 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T18:46:10.357959+00:00 Debian Oval Importer Affected by VCID-5hzf-gdbj-8ud8 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T17:00:25.463894+00:00 Debian Oval Importer Affected by VCID-t16b-mbs7-wfc1 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T16:14:09.516188+00:00 Debian Oval Importer Affected by VCID-6z14-frdw-r3dh https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T14:59:34.147237+00:00 Debian Oval Importer Fixing VCID-hjha-gt3s-s3e3 https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 38.1.0
2026-04-08T14:58:06.078841+00:00 Debian Oval Importer Fixing VCID-6z14-frdw-r3dh https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 38.1.0
2026-04-07T23:29:29.121925+00:00 Debian Oval Importer Fixing VCID-t16b-mbs7-wfc1 https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 38.1.0
2026-04-07T23:21:03.592043+00:00 Debian Oval Importer Fixing VCID-ecku-fk4j-s3hr https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 38.1.0
2026-04-07T23:20:05.413837+00:00 Debian Oval Importer Fixing VCID-wcer-d6dm-w3ch https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 38.1.0
2026-04-07T23:18:47.085575+00:00 Debian Oval Importer Fixing VCID-yjus-jmfg-tyfv https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 38.1.0
2026-04-07T23:15:40.225571+00:00 Debian Oval Importer Fixing VCID-ms2y-xj5p-4ud9 https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 38.1.0
2026-04-07T23:13:55.371260+00:00 Debian Oval Importer Fixing VCID-9jcb-yrmd-7uen https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 38.1.0
2026-04-07T23:13:31.235161+00:00 Debian Oval Importer Fixing VCID-k4yg-g6p1-kkbz https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 38.1.0
2026-04-07T23:06:17.367187+00:00 Debian Oval Importer Fixing VCID-e3uc-36mx-mbfv https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 38.1.0
2026-04-07T23:04:10.345066+00:00 Debian Oval Importer Fixing VCID-8nht-54x7-gqf1 https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 38.1.0