Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/libwebp@0.6.1-2.1%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/libwebp@0.6.1-2.1%2Bdeb11u2?distro=trixie
Vulnerabilities affecting this package (0)
Vulnerability Summary Fixed by
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (16)
Vulnerability Summary Aliases
VCID-5hzf-gdbj-8ud8 Double Free There exists a use after free/double free in libwebp. An attacker can use the ApplyFiltersAndEncode() function and loop through to free best.bw and assign best = trial pointer. The second loop will then return 0 because of an Out of memory error in VP8 encoder, the pointer is still assigned to trial and the AddressSanitizer will attempt a double free. CVE-2023-1999
VCID-6z14-frdw-r3dh libwebp: out-of-bounds read in ApplyFilter() CVE-2018-25010
VCID-8nht-54x7-gqf1 libwebp: excessive memory allocation when reading a file CVE-2020-36332
VCID-9jcb-yrmd-7uen libwebp: heap-based buffer overflow in WebPDecode*Into functions CVE-2020-36328
VCID-c6sz-91cq-8yfx An integer overflow vulnerability in WebP could lead to arbitrary code execution or Denial of Service. CVE-2012-5127
VCID-e3uc-36mx-mbfv libwebp: out-of-bounds read in ChunkVerifyAndAssign() in mux/muxread.c CVE-2020-36330
VCID-ecku-fk4j-s3hr libwebp: out-of-bounds read in ChunkAssignData() in mux/muxinternal.c CVE-2020-36331
VCID-edjd-xk1f-gkgg Multiple vulnerabilities have been discovered in WebP, the worst of which could allow a remote attacker to cause a Denial of Service condition. CVE-2016-9085
VCID-hjha-gt3s-s3e3 libwebp: use of uninitialized value in ReadSymbol() CVE-2018-25014
VCID-k4yg-g6p1-kkbz libwebp: use-after-free in EmitFancyRGB() in dec/io_dec.c CVE-2020-36329
VCID-ms2y-xj5p-4ud9 libwebp: out-of-bounds read in WebPMuxCreateInternal() CVE-2018-25012
VCID-t16b-mbs7-wfc1 libwebp: heap-based buffer overflow in PutLE16() CVE-2018-25011
VCID-vdzj-kqfy-d3b7 libwebp: OOB write in BuildHuffmanTable Heap buffer overflow in libwebp allow a remote attacker to perform an out of bounds memory write via a crafted HTML page. CVE-2023-4863
GHSA-j7hp-h8jx-5ppr
VCID-wcer-d6dm-w3ch libwebp: out-of-bounds read in WebPMuxCreateInternal CVE-2018-25009
VCID-y1t9-28vr-euep In libwebp 0.5.1, there is a double free bug in libwebpmux. CVE-2016-9969
PYSEC-2019-256
VCID-yjus-jmfg-tyfv libwebp: out-of-bounds read in ShiftBytes() CVE-2018-25013

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T13:11:03.979150+00:00 Debian Importer Fixing VCID-y1t9-28vr-euep https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T12:32:42.370850+00:00 Debian Importer Fixing VCID-edjd-xk1f-gkgg https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T12:30:17.229306+00:00 Debian Importer Fixing VCID-5hzf-gdbj-8ud8 https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T12:24:29.503475+00:00 Debian Importer Fixing VCID-ms2y-xj5p-4ud9 https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T12:21:38.355739+00:00 Debian Importer Fixing VCID-t16b-mbs7-wfc1 https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T12:13:13.882382+00:00 Debian Importer Fixing VCID-vdzj-kqfy-d3b7 https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T11:49:58.730978+00:00 Debian Importer Fixing VCID-hjha-gt3s-s3e3 https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T11:40:53.147841+00:00 Debian Importer Fixing VCID-c6sz-91cq-8yfx https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T11:18:04.676146+00:00 Debian Importer Fixing VCID-e3uc-36mx-mbfv https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T10:27:56.300551+00:00 Debian Importer Fixing VCID-yjus-jmfg-tyfv https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T09:35:01.269323+00:00 Debian Importer Fixing VCID-8nht-54x7-gqf1 https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T09:13:41.534372+00:00 Debian Importer Fixing VCID-k4yg-g6p1-kkbz https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T09:09:40.719381+00:00 Debian Importer Fixing VCID-ecku-fk4j-s3hr https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T08:50:28.368183+00:00 Debian Importer Fixing VCID-6z14-frdw-r3dh https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T08:48:01.984707+00:00 Debian Importer Fixing VCID-wcer-d6dm-w3ch https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T08:40:50.431343+00:00 Debian Importer Fixing VCID-9jcb-yrmd-7uen https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-13T09:04:19.403499+00:00 Debian Importer Fixing VCID-y1t9-28vr-euep https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T08:35:28.082890+00:00 Debian Importer Fixing VCID-edjd-xk1f-gkgg https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T08:33:41.292410+00:00 Debian Importer Fixing VCID-5hzf-gdbj-8ud8 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T08:29:31.908979+00:00 Debian Importer Fixing VCID-ms2y-xj5p-4ud9 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T08:27:26.046437+00:00 Debian Importer Fixing VCID-t16b-mbs7-wfc1 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T08:21:33.902259+00:00 Debian Importer Fixing VCID-vdzj-kqfy-d3b7 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T08:04:31.010035+00:00 Debian Importer Fixing VCID-hjha-gt3s-s3e3 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T07:57:31.721999+00:00 Debian Importer Fixing VCID-c6sz-91cq-8yfx https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T07:41:19.809297+00:00 Debian Importer Fixing VCID-e3uc-36mx-mbfv https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T07:03:40.840581+00:00 Debian Importer Fixing VCID-yjus-jmfg-tyfv https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T18:23:01.735722+00:00 Debian Importer Fixing VCID-8nht-54x7-gqf1 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T18:10:21.001347+00:00 Debian Importer Fixing VCID-k4yg-g6p1-kkbz https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T18:07:58.514269+00:00 Debian Importer Fixing VCID-ecku-fk4j-s3hr https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T17:56:22.429089+00:00 Debian Importer Fixing VCID-6z14-frdw-r3dh https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T17:54:46.528660+00:00 Debian Importer Fixing VCID-wcer-d6dm-w3ch https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T17:50:05.764420+00:00 Debian Importer Fixing VCID-9jcb-yrmd-7uen https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-03T07:29:58.750827+00:00 Debian Importer Fixing VCID-vdzj-kqfy-d3b7 https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:29:58.707909+00:00 Debian Importer Fixing VCID-5hzf-gdbj-8ud8 https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:29:58.666601+00:00 Debian Importer Fixing VCID-8nht-54x7-gqf1 https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:29:58.632573+00:00 Debian Importer Fixing VCID-ecku-fk4j-s3hr https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:29:58.598653+00:00 Debian Importer Fixing VCID-e3uc-36mx-mbfv https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:29:58.564745+00:00 Debian Importer Fixing VCID-k4yg-g6p1-kkbz https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:29:58.530415+00:00 Debian Importer Fixing VCID-9jcb-yrmd-7uen https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:29:58.495509+00:00 Debian Importer Fixing VCID-hjha-gt3s-s3e3 https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:29:58.461378+00:00 Debian Importer Fixing VCID-yjus-jmfg-tyfv https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:29:58.426985+00:00 Debian Importer Fixing VCID-ms2y-xj5p-4ud9 https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:29:58.392743+00:00 Debian Importer Fixing VCID-t16b-mbs7-wfc1 https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:29:58.358642+00:00 Debian Importer Fixing VCID-6z14-frdw-r3dh https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:29:58.324826+00:00 Debian Importer Fixing VCID-wcer-d6dm-w3ch https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:29:58.289723+00:00 Debian Importer Fixing VCID-y1t9-28vr-euep https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:29:58.244682+00:00 Debian Importer Fixing VCID-edjd-xk1f-gkgg https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:29:58.201897+00:00 Debian Importer Fixing VCID-c6sz-91cq-8yfx https://security-tracker.debian.org/tracker/data/json 38.1.0