A flaw was found in libwebp in versions before 1.0.1. A heap-based buffer overflow in function WebPDecodeRGBInto is possible due to an invalid check for buffer size. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2021-05-21T16:14:21

Updated: 2024-08-04T17:23:10.457Z

Reserved: 2021-05-04T00:00:00

Link: CVE-2020-36328

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2021-05-21T17:15:08.270

Modified: 2024-11-21T05:29:17.770

Link: CVE-2020-36328

cve-icon Redhat

Severity : Important

Publid Date: 2020-02-25T00:00:00Z

Links: CVE-2020-36328 - Bugzilla