Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

CVE-2020-36328

UNKNOWN
Published 2021-05-21T16:14:21
Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2020-36328. We'll provide specific mitigation strategies based on your environment and risk profile.

No CVSS data available

Description

A flaw was found in libwebp in versions before 1.0.1. A heap-based buffer overflow in function WebPDecodeRGBInto is possible due to an invalid check for buffer size. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

⚠ Unreviewed CRITICAL

GHSA-jxwm-333p-5cwx

Advisory Details

A flaw was found in libwebp in versions before 1.0.1. A heap-based buffer overflow in function WebPDecodeRGBInto is possible due to an invalid check for buffer size. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

CVSS Scoring

CVSS Score

9.0

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2020-36328
WEB https://bugzilla.redhat.com/show_bug.cgi?id=1956829
WEB https://lists.debian.org/debian-lts-announce/2021/06/msg00005.html
WEB https://lists.debian.org/debian-lts-announce/2021/06/msg00006.html
WEB https://security.netapp.com/advisory/ntap-20211112-0001
WEB https://support.apple.com/kb/HT212601
WEB https://www.debian.org/security/2021/dsa-4930
WEB http://seclists.org/fulldisclosure/2021/Jul/54

Advisory provided by GitHub Security Advisory Database. Published: May 24, 2022, Modified: January 9, 2023

References

https://bugzilla.redhat.com/show_bug.cgi?id=1956829
https://lists.debian.org/debian-lts-announce/2021/06/msg00005.html
https://lists.debian.org/debian-lts-announce/2021/06/msg00006.html
https://www.debian.org/security/2021/dsa-4930
https://support.apple.com/kb/HT212601
http://seclists.org/fulldisclosure/2021/Jul/54
https://security.netapp.com/advisory/ntap-20211112-0001/
Published: 2021-05-21T16:14:21
Last Modified: 2024-08-04T17:23:10.457Z
Copied to clipboard!