JLSEC-2026-440

See a problem?
Please try reporting it to the source first.

Source

https://github.com/JuliaLang/SecurityAdvisories.jl/blob/main/advisories/published/2026/JLSEC-2026-440.md

Import Source

https://github.com/JuliaLang/SecurityAdvisories.jl/tree/generated/osv/2026/JLSEC-2026-440.json

JSON Data

https://api.test.osv.dev/v1/vulns/JLSEC-2026-440

Upstream

CVE-2023-1999

Published

2026-05-04T13:35:07.628Z

Modified

2026-05-04T13:45:06.151005Z

Summary

[none]

Details

There exists a use after free/double free in libwebp. An attacker can use the ApplyFiltersAndEncode() function and loop through to free best.bw and assign best = trial pointer. The second loop will then return 0 because of an Out of memory error in VP8 encoder, the pointer is still assigned to trial and the AddressSanitizer will attempt a double free.

Database specific

{
    "license": "CC-BY-4.0",
    "sources": [
        {
            "html_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1999",
            "published": "2023-06-20T12:15:09.600Z",
            "database_specific": {
                "status": "Modified"
            },
            "modified": "2025-02-13T17:16:01.293Z",
            "url": "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2023-1999",
            "id": "CVE-2023-1999",
            "imported": "2026-05-03T08:43:14.502Z"
        }
    ]
}

References

Affected packages

Julia / libwebp_jll

Package

Name: libwebp_jll
Purl: pkg:julia/libwebp_jll?uuid=c5f90fcd-3b7e-5836-afba-fc50a0988cb2

Affected ranges

Type: SEMVER
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.3.2+0

Database specific

source

"https://github.com/JuliaLang/SecurityAdvisories.jl/tree/generated/osv/2026/JLSEC-2026-440.json"