It was discovered that libwebp incorrectly handled certain malformed images. If a user or automated system were tricked into opening a specially crafted image file, a remote attacker could use this issue to cause libwebp to crash, resulting in a denial of service, or possibly execute arbitrary code.
{ "binaries": [ { "binary_name": "libwebp-dev", "binary_version": "0.6.1-2ubuntu0.20.04.3" }, { "binary_name": "libwebp6", "binary_version": "0.6.1-2ubuntu0.20.04.3" }, { "binary_name": "libwebp6-dbgsym", "binary_version": "0.6.1-2ubuntu0.20.04.3" }, { "binary_name": "libwebpdemux2", "binary_version": "0.6.1-2ubuntu0.20.04.3" }, { "binary_name": "libwebpdemux2-dbgsym", "binary_version": "0.6.1-2ubuntu0.20.04.3" }, { "binary_name": "libwebpmux3", "binary_version": "0.6.1-2ubuntu0.20.04.3" }, { "binary_name": "libwebpmux3-dbgsym", "binary_version": "0.6.1-2ubuntu0.20.04.3" }, { "binary_name": "webp", "binary_version": "0.6.1-2ubuntu0.20.04.3" }, { "binary_name": "webp-dbgsym", "binary_version": "0.6.1-2ubuntu0.20.04.3" } ], "availability": "No subscription required" }
{ "binaries": [ { "binary_name": "libwebp-dev", "binary_version": "1.2.2-2ubuntu0.22.04.2" }, { "binary_name": "libwebp7", "binary_version": "1.2.2-2ubuntu0.22.04.2" }, { "binary_name": "libwebp7-dbgsym", "binary_version": "1.2.2-2ubuntu0.22.04.2" }, { "binary_name": "libwebpdemux2", "binary_version": "1.2.2-2ubuntu0.22.04.2" }, { "binary_name": "libwebpdemux2-dbgsym", "binary_version": "1.2.2-2ubuntu0.22.04.2" }, { "binary_name": "libwebpmux3", "binary_version": "1.2.2-2ubuntu0.22.04.2" }, { "binary_name": "libwebpmux3-dbgsym", "binary_version": "1.2.2-2ubuntu0.22.04.2" }, { "binary_name": "webp", "binary_version": "1.2.2-2ubuntu0.22.04.2" }, { "binary_name": "webp-dbgsym", "binary_version": "1.2.2-2ubuntu0.22.04.2" } ], "availability": "No subscription required" }