Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/libwebp@1.2.4-0.2%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/libwebp@1.2.4-0.2%2Bdeb12u1?distro=trixie
Vulnerabilities affecting this package (0)
Vulnerability Summary Fixed by
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (16)
Vulnerability Summary Aliases
VCID-5hzf-gdbj-8ud8 Double Free There exists a use after free/double free in libwebp. An attacker can use the ApplyFiltersAndEncode() function and loop through to free best.bw and assign best = trial pointer. The second loop will then return 0 because of an Out of memory error in VP8 encoder, the pointer is still assigned to trial and the AddressSanitizer will attempt a double free. CVE-2023-1999
VCID-6z14-frdw-r3dh libwebp: out-of-bounds read in ApplyFilter() CVE-2018-25010
VCID-8nht-54x7-gqf1 libwebp: excessive memory allocation when reading a file CVE-2020-36332
VCID-9jcb-yrmd-7uen libwebp: heap-based buffer overflow in WebPDecode*Into functions CVE-2020-36328
VCID-c6sz-91cq-8yfx An integer overflow vulnerability in WebP could lead to arbitrary code execution or Denial of Service. CVE-2012-5127
VCID-e3uc-36mx-mbfv libwebp: out-of-bounds read in ChunkVerifyAndAssign() in mux/muxread.c CVE-2020-36330
VCID-ecku-fk4j-s3hr libwebp: out-of-bounds read in ChunkAssignData() in mux/muxinternal.c CVE-2020-36331
VCID-edjd-xk1f-gkgg Multiple vulnerabilities have been discovered in WebP, the worst of which could allow a remote attacker to cause a Denial of Service condition. CVE-2016-9085
VCID-hjha-gt3s-s3e3 libwebp: use of uninitialized value in ReadSymbol() CVE-2018-25014
VCID-k4yg-g6p1-kkbz libwebp: use-after-free in EmitFancyRGB() in dec/io_dec.c CVE-2020-36329
VCID-ms2y-xj5p-4ud9 libwebp: out-of-bounds read in WebPMuxCreateInternal() CVE-2018-25012
VCID-t16b-mbs7-wfc1 libwebp: heap-based buffer overflow in PutLE16() CVE-2018-25011
VCID-vdzj-kqfy-d3b7 libwebp: OOB write in BuildHuffmanTable Heap buffer overflow in libwebp allow a remote attacker to perform an out of bounds memory write via a crafted HTML page. CVE-2023-4863
GHSA-j7hp-h8jx-5ppr
VCID-wcer-d6dm-w3ch libwebp: out-of-bounds read in WebPMuxCreateInternal CVE-2018-25009
VCID-y1t9-28vr-euep In libwebp 0.5.1, there is a double free bug in libwebpmux. CVE-2016-9969
PYSEC-2019-256
VCID-yjus-jmfg-tyfv libwebp: out-of-bounds read in ShiftBytes() CVE-2018-25013

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T13:11:03.984336+00:00 Debian Importer Fixing VCID-y1t9-28vr-euep https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T12:32:42.377711+00:00 Debian Importer Fixing VCID-edjd-xk1f-gkgg https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T12:30:17.242748+00:00 Debian Importer Fixing VCID-5hzf-gdbj-8ud8 https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T12:24:29.508814+00:00 Debian Importer Fixing VCID-ms2y-xj5p-4ud9 https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T12:21:38.360739+00:00 Debian Importer Fixing VCID-t16b-mbs7-wfc1 https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T12:13:13.889252+00:00 Debian Importer Fixing VCID-vdzj-kqfy-d3b7 https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T11:49:58.736085+00:00 Debian Importer Fixing VCID-hjha-gt3s-s3e3 https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T11:40:53.154396+00:00 Debian Importer Fixing VCID-c6sz-91cq-8yfx https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T11:18:04.681150+00:00 Debian Importer Fixing VCID-e3uc-36mx-mbfv https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T10:27:56.305884+00:00 Debian Importer Fixing VCID-yjus-jmfg-tyfv https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T09:35:01.274808+00:00 Debian Importer Fixing VCID-8nht-54x7-gqf1 https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T09:13:41.540156+00:00 Debian Importer Fixing VCID-k4yg-g6p1-kkbz https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T09:09:40.724306+00:00 Debian Importer Fixing VCID-ecku-fk4j-s3hr https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T08:50:28.373565+00:00 Debian Importer Fixing VCID-6z14-frdw-r3dh https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T08:48:01.986883+00:00 Debian Importer Fixing VCID-wcer-d6dm-w3ch https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T08:40:50.436589+00:00 Debian Importer Fixing VCID-9jcb-yrmd-7uen https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-13T09:04:19.408551+00:00 Debian Importer Fixing VCID-y1t9-28vr-euep https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T08:35:28.089089+00:00 Debian Importer Fixing VCID-edjd-xk1f-gkgg https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T08:33:41.306082+00:00 Debian Importer Fixing VCID-5hzf-gdbj-8ud8 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T08:29:31.914176+00:00 Debian Importer Fixing VCID-ms2y-xj5p-4ud9 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T08:27:26.051244+00:00 Debian Importer Fixing VCID-t16b-mbs7-wfc1 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T08:21:33.908925+00:00 Debian Importer Fixing VCID-vdzj-kqfy-d3b7 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T08:04:31.015579+00:00 Debian Importer Fixing VCID-hjha-gt3s-s3e3 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T07:57:31.729071+00:00 Debian Importer Fixing VCID-c6sz-91cq-8yfx https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T07:41:19.814705+00:00 Debian Importer Fixing VCID-e3uc-36mx-mbfv https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T07:03:40.846168+00:00 Debian Importer Fixing VCID-yjus-jmfg-tyfv https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T18:23:01.741091+00:00 Debian Importer Fixing VCID-8nht-54x7-gqf1 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T18:10:21.006658+00:00 Debian Importer Fixing VCID-k4yg-g6p1-kkbz https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T18:07:58.519824+00:00 Debian Importer Fixing VCID-ecku-fk4j-s3hr https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T17:56:22.434609+00:00 Debian Importer Fixing VCID-6z14-frdw-r3dh https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T17:54:46.534209+00:00 Debian Importer Fixing VCID-wcer-d6dm-w3ch https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T17:50:05.769570+00:00 Debian Importer Fixing VCID-9jcb-yrmd-7uen https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-03T07:29:58.742271+00:00 Debian Importer Fixing VCID-vdzj-kqfy-d3b7 https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:29:58.690545+00:00 Debian Importer Fixing VCID-5hzf-gdbj-8ud8 https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:29:58.652910+00:00 Debian Importer Fixing VCID-8nht-54x7-gqf1 https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:29:58.619008+00:00 Debian Importer Fixing VCID-ecku-fk4j-s3hr https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:29:58.585138+00:00 Debian Importer Fixing VCID-e3uc-36mx-mbfv https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:29:58.551058+00:00 Debian Importer Fixing VCID-k4yg-g6p1-kkbz https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:29:58.516189+00:00 Debian Importer Fixing VCID-9jcb-yrmd-7uen https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:29:58.481827+00:00 Debian Importer Fixing VCID-hjha-gt3s-s3e3 https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:29:58.447571+00:00 Debian Importer Fixing VCID-yjus-jmfg-tyfv https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:29:58.413240+00:00 Debian Importer Fixing VCID-ms2y-xj5p-4ud9 https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:29:58.379113+00:00 Debian Importer Fixing VCID-t16b-mbs7-wfc1 https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:29:58.345236+00:00 Debian Importer Fixing VCID-6z14-frdw-r3dh https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:29:58.310330+00:00 Debian Importer Fixing VCID-wcer-d6dm-w3ch https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:29:58.275099+00:00 Debian Importer Fixing VCID-y1t9-28vr-euep https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:29:58.227286+00:00 Debian Importer Fixing VCID-edjd-xk1f-gkgg https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:29:58.183756+00:00 Debian Importer Fixing VCID-c6sz-91cq-8yfx https://security-tracker.debian.org/tracker/data/json 38.1.0