VulnerableCode Package Details - pkg:deb/debian/libwebp@0.6.1-2.1%2Bdeb11u2

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-5hzf-gdbj-8ud8	Double Free There exists a use after free/double free in libwebp. An attacker can use the ApplyFiltersAndEncode() function and loop through to free best.bw and assign best = trial pointer. The second loop will then return 0 because of an Out of memory error in VP8 encoder, the pointer is still assigned to trial and the AddressSanitizer will attempt a double free.	CVE-2023-1999
VCID-6z14-frdw-r3dh	libwebp: out-of-bounds read in ApplyFilter()	CVE-2018-25010
VCID-8nht-54x7-gqf1	libwebp: excessive memory allocation when reading a file	CVE-2020-36332
VCID-9jcb-yrmd-7uen	libwebp: heap-based buffer overflow in WebPDecode*Into functions	CVE-2020-36328
VCID-e3uc-36mx-mbfv	libwebp: out-of-bounds read in ChunkVerifyAndAssign() in mux/muxread.c	CVE-2020-36330
VCID-ecku-fk4j-s3hr	libwebp: out-of-bounds read in ChunkAssignData() in mux/muxinternal.c	CVE-2020-36331
VCID-hjha-gt3s-s3e3	libwebp: use of uninitialized value in ReadSymbol()	CVE-2018-25014
VCID-k4yg-g6p1-kkbz	libwebp: use-after-free in EmitFancyRGB() in dec/io_dec.c	CVE-2020-36329
VCID-ms2y-xj5p-4ud9	libwebp: out-of-bounds read in WebPMuxCreateInternal()	CVE-2018-25012
VCID-t16b-mbs7-wfc1	libwebp: heap-based buffer overflow in PutLE16()	CVE-2018-25011
VCID-vdzj-kqfy-d3b7	libwebp: OOB write in BuildHuffmanTable Heap buffer overflow in libwebp allow a remote attacker to perform an out of bounds memory write via a crafted HTML page.	CVE-2023-4863 GHSA-j7hp-h8jx-5ppr
VCID-wcer-d6dm-w3ch	libwebp: out-of-bounds read in WebPMuxCreateInternal	CVE-2018-25009
VCID-yjus-jmfg-tyfv	libwebp: out-of-bounds read in ShiftBytes()	CVE-2018-25013

Vulnerability

Summary

Aliases

VCID-5hzf-gdbj-8ud8

Double Free There exists a use after free/double free in libwebp. An attacker can use the ApplyFiltersAndEncode() function and loop through to free best.bw and assign best = trial pointer. The second loop will then return 0 because of an Out of memory error in VP8 encoder, the pointer is still assigned to trial and the AddressSanitizer will attempt a double free.

CVE-2023-1999

VCID-6z14-frdw-r3dh

libwebp: out-of-bounds read in ApplyFilter()

CVE-2018-25010

VCID-8nht-54x7-gqf1

libwebp: excessive memory allocation when reading a file

CVE-2020-36332

VCID-9jcb-yrmd-7uen

libwebp: heap-based buffer overflow in WebPDecode*Into functions

CVE-2020-36328

VCID-e3uc-36mx-mbfv

libwebp: out-of-bounds read in ChunkVerifyAndAssign() in mux/muxread.c

CVE-2020-36330

VCID-ecku-fk4j-s3hr

libwebp: out-of-bounds read in ChunkAssignData() in mux/muxinternal.c

CVE-2020-36331

VCID-hjha-gt3s-s3e3

libwebp: use of uninitialized value in ReadSymbol()

CVE-2018-25014

VCID-k4yg-g6p1-kkbz

libwebp: use-after-free in EmitFancyRGB() in dec/io_dec.c

CVE-2020-36329

VCID-ms2y-xj5p-4ud9

libwebp: out-of-bounds read in WebPMuxCreateInternal()

CVE-2018-25012

VCID-t16b-mbs7-wfc1

libwebp: heap-based buffer overflow in PutLE16()

CVE-2018-25011

VCID-vdzj-kqfy-d3b7

libwebp: OOB write in BuildHuffmanTable Heap buffer overflow in libwebp allow a remote attacker to perform an out of bounds memory write via a crafted HTML page.

CVE-2023-4863
GHSA-j7hp-h8jx-5ppr

VCID-wcer-d6dm-w3ch

libwebp: out-of-bounds read in WebPMuxCreateInternal

CVE-2018-25009

VCID-yjus-jmfg-tyfv

libwebp: out-of-bounds read in ShiftBytes()

CVE-2018-25013

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T00:50:16.307244+00:00	Debian Oval Importer	Fixing	VCID-8nht-54x7-gqf1	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-16T00:13:53.689454+00:00	Debian Oval Importer	Fixing	VCID-ecku-fk4j-s3hr	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-16T00:04:21.248169+00:00	Debian Oval Importer	Fixing	VCID-e3uc-36mx-mbfv	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T23:24:11.309615+00:00	Debian Oval Importer	Fixing	VCID-yjus-jmfg-tyfv	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T22:22:03.016319+00:00	Debian Oval Importer	Fixing	VCID-k4yg-g6p1-kkbz	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T21:57:49.837120+00:00	Debian Oval Importer	Fixing	VCID-vdzj-kqfy-d3b7	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T21:42:56.271704+00:00	Debian Oval Importer	Fixing	VCID-ms2y-xj5p-4ud9	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T20:29:30.942903+00:00	Debian Oval Importer	Fixing	VCID-wcer-d6dm-w3ch	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T20:23:30.687488+00:00	Debian Oval Importer	Fixing	VCID-9jcb-yrmd-7uen	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T20:19:45.379418+00:00	Debian Oval Importer	Fixing	VCID-hjha-gt3s-s3e3	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T19:18:19.126775+00:00	Debian Oval Importer	Fixing	VCID-5hzf-gdbj-8ud8	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T17:25:03.615784+00:00	Debian Oval Importer	Fixing	VCID-t16b-mbs7-wfc1	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T16:35:20.839783+00:00	Debian Oval Importer	Fixing	VCID-6z14-frdw-r3dh	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-12T00:22:45.509223+00:00	Debian Oval Importer	Fixing	VCID-8nht-54x7-gqf1	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T23:47:38.952585+00:00	Debian Oval Importer	Fixing	VCID-ecku-fk4j-s3hr	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T23:38:25.555029+00:00	Debian Oval Importer	Fixing	VCID-e3uc-36mx-mbfv	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T22:59:40.386007+00:00	Debian Oval Importer	Fixing	VCID-yjus-jmfg-tyfv	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T21:59:26.062220+00:00	Debian Oval Importer	Fixing	VCID-k4yg-g6p1-kkbz	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T21:36:07.039255+00:00	Debian Oval Importer	Fixing	VCID-vdzj-kqfy-d3b7	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T21:21:40.687305+00:00	Debian Oval Importer	Fixing	VCID-ms2y-xj5p-4ud9	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T20:10:55.141176+00:00	Debian Oval Importer	Fixing	VCID-wcer-d6dm-w3ch	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T20:05:06.422901+00:00	Debian Oval Importer	Fixing	VCID-9jcb-yrmd-7uen	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T20:01:26.631844+00:00	Debian Oval Importer	Fixing	VCID-hjha-gt3s-s3e3	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T19:01:41.625596+00:00	Debian Oval Importer	Fixing	VCID-5hzf-gdbj-8ud8	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T17:11:26.214711+00:00	Debian Oval Importer	Fixing	VCID-t16b-mbs7-wfc1	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T16:22:20.920535+00:00	Debian Oval Importer	Fixing	VCID-6z14-frdw-r3dh	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-08T23:53:27.119987+00:00	Debian Oval Importer	Fixing	VCID-8nht-54x7-gqf1	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T23:19:51.974337+00:00	Debian Oval Importer	Fixing	VCID-ecku-fk4j-s3hr	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T23:10:58.314014+00:00	Debian Oval Importer	Fixing	VCID-e3uc-36mx-mbfv	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T22:33:50.213013+00:00	Debian Oval Importer	Fixing	VCID-yjus-jmfg-tyfv	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T21:36:35.746294+00:00	Debian Oval Importer	Fixing	VCID-k4yg-g6p1-kkbz	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T21:14:15.493123+00:00	Debian Oval Importer	Fixing	VCID-vdzj-kqfy-d3b7	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T21:00:21.112585+00:00	Debian Oval Importer	Fixing	VCID-ms2y-xj5p-4ud9	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T19:52:11.163832+00:00	Debian Oval Importer	Fixing	VCID-wcer-d6dm-w3ch	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T19:46:40.998511+00:00	Debian Oval Importer	Fixing	VCID-9jcb-yrmd-7uen	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T19:43:09.977301+00:00	Debian Oval Importer	Fixing	VCID-hjha-gt3s-s3e3	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T18:46:10.362208+00:00	Debian Oval Importer	Fixing	VCID-5hzf-gdbj-8ud8	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T17:00:25.468147+00:00	Debian Oval Importer	Fixing	VCID-t16b-mbs7-wfc1	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T16:14:09.521540+00:00	Debian Oval Importer	Fixing	VCID-6z14-frdw-r3dh	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0

2026-04-16T00:50:16.307244+00:00

Debian Oval Importer

Fixing

VCID-8nht-54x7-gqf1

https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2

38.4.0

2026-04-16T00:13:53.689454+00:00

Debian Oval Importer

Fixing

VCID-ecku-fk4j-s3hr

https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2

38.4.0

2026-04-16T00:04:21.248169+00:00

Debian Oval Importer

Fixing

VCID-e3uc-36mx-mbfv

https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2

38.4.0

2026-04-15T23:24:11.309615+00:00

Debian Oval Importer

Fixing

VCID-yjus-jmfg-tyfv

https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2

38.4.0

2026-04-15T22:22:03.016319+00:00

Debian Oval Importer

Fixing

VCID-k4yg-g6p1-kkbz

https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2

38.4.0

2026-04-15T21:57:49.837120+00:00

Debian Oval Importer

Fixing

VCID-vdzj-kqfy-d3b7

https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2

38.4.0

2026-04-15T21:42:56.271704+00:00

Debian Oval Importer

Fixing

VCID-ms2y-xj5p-4ud9

https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2

38.4.0

2026-04-15T20:29:30.942903+00:00

Debian Oval Importer

Fixing

VCID-wcer-d6dm-w3ch

https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2

38.4.0

2026-04-15T20:23:30.687488+00:00

Debian Oval Importer

Fixing

VCID-9jcb-yrmd-7uen

https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2

38.4.0

2026-04-15T20:19:45.379418+00:00

Debian Oval Importer

Fixing

VCID-hjha-gt3s-s3e3

https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2

38.4.0

2026-04-15T19:18:19.126775+00:00

Debian Oval Importer

Fixing

VCID-5hzf-gdbj-8ud8

https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2

38.4.0

2026-04-15T17:25:03.615784+00:00

Debian Oval Importer

Fixing

VCID-t16b-mbs7-wfc1

https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2

38.4.0

2026-04-15T16:35:20.839783+00:00

Debian Oval Importer

Fixing

VCID-6z14-frdw-r3dh

https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2

38.4.0

2026-04-12T00:22:45.509223+00:00

Debian Oval Importer

Fixing

VCID-8nht-54x7-gqf1

https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2

38.3.0

2026-04-11T23:47:38.952585+00:00

Debian Oval Importer

Fixing

VCID-ecku-fk4j-s3hr

https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2

38.3.0

2026-04-11T23:38:25.555029+00:00

Debian Oval Importer

Fixing

VCID-e3uc-36mx-mbfv

https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2

38.3.0

2026-04-11T22:59:40.386007+00:00

Debian Oval Importer

Fixing

VCID-yjus-jmfg-tyfv

https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2

38.3.0

2026-04-11T21:59:26.062220+00:00

Debian Oval Importer

Fixing

VCID-k4yg-g6p1-kkbz

https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2

38.3.0

2026-04-11T21:36:07.039255+00:00

Debian Oval Importer

Fixing

VCID-vdzj-kqfy-d3b7

https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2

38.3.0

2026-04-11T21:21:40.687305+00:00

Debian Oval Importer

Fixing

VCID-ms2y-xj5p-4ud9

https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2

38.3.0

2026-04-11T20:10:55.141176+00:00

Debian Oval Importer

Fixing

VCID-wcer-d6dm-w3ch

https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2

38.3.0

2026-04-11T20:05:06.422901+00:00

Debian Oval Importer

Fixing

VCID-9jcb-yrmd-7uen

https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2

38.3.0

2026-04-11T20:01:26.631844+00:00

Debian Oval Importer

Fixing

VCID-hjha-gt3s-s3e3

https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2

38.3.0

2026-04-11T19:01:41.625596+00:00

Debian Oval Importer

Fixing

VCID-5hzf-gdbj-8ud8

https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2

38.3.0

2026-04-11T17:11:26.214711+00:00

Debian Oval Importer

Fixing

VCID-t16b-mbs7-wfc1

https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2

38.3.0

2026-04-11T16:22:20.920535+00:00

Debian Oval Importer

Fixing

VCID-6z14-frdw-r3dh

https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2

38.3.0

2026-04-08T23:53:27.119987+00:00

Debian Oval Importer

Fixing

VCID-8nht-54x7-gqf1

https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2

38.1.0

2026-04-08T23:19:51.974337+00:00

Debian Oval Importer

Fixing

VCID-ecku-fk4j-s3hr

https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2

38.1.0

2026-04-08T23:10:58.314014+00:00

Debian Oval Importer

Fixing

VCID-e3uc-36mx-mbfv

https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2

38.1.0

2026-04-08T22:33:50.213013+00:00

Debian Oval Importer

Fixing

VCID-yjus-jmfg-tyfv

https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2

38.1.0

2026-04-08T21:36:35.746294+00:00

Debian Oval Importer

Fixing

VCID-k4yg-g6p1-kkbz

https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2

38.1.0

2026-04-08T21:14:15.493123+00:00

Debian Oval Importer

Fixing

VCID-vdzj-kqfy-d3b7

https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2

38.1.0

2026-04-08T21:00:21.112585+00:00

Debian Oval Importer

Fixing

VCID-ms2y-xj5p-4ud9

https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2

38.1.0

2026-04-08T19:52:11.163832+00:00

Debian Oval Importer

Fixing

VCID-wcer-d6dm-w3ch

https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2

38.1.0

2026-04-08T19:46:40.998511+00:00

Debian Oval Importer

Fixing

VCID-9jcb-yrmd-7uen

https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2

38.1.0

2026-04-08T19:43:09.977301+00:00

Debian Oval Importer

Fixing

VCID-hjha-gt3s-s3e3

https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2

38.1.0

2026-04-08T18:46:10.362208+00:00

Debian Oval Importer

Fixing

VCID-5hzf-gdbj-8ud8

https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2

38.1.0

2026-04-08T17:00:25.468147+00:00

Debian Oval Importer

Fixing

VCID-t16b-mbs7-wfc1

https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2

38.1.0

2026-04-08T16:14:09.521540+00:00

Debian Oval Importer

Fixing

VCID-6z14-frdw-r3dh

https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2

38.1.0