CVE-2020-36331

A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds read was found in function ChunkAssignData. The highest threat from this vulnerability is to data confidentiality and to the service availability.
Configurations

Configuration 1 (hide)

cpe:2.3:a:webmproject:libwebp:*:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*

Configuration 3 (hide)

cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*

Configuration 4 (hide)

OR cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

Configuration 5 (hide)

OR cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*

History

21 Nov 2024, 05:29

Type Values Removed Values Added
References () http://seclists.org/fulldisclosure/2021/Jul/54 - Mailing List, Third Party Advisory () http://seclists.org/fulldisclosure/2021/Jul/54 - Mailing List, Third Party Advisory
References () https://bugzilla.redhat.com/show_bug.cgi?id=1956856 - Issue Tracking, Patch, Third Party Advisory () https://bugzilla.redhat.com/show_bug.cgi?id=1956856 - Issue Tracking, Patch, Third Party Advisory
References () https://lists.debian.org/debian-lts-announce/2021/06/msg00005.html - Mailing List, Third Party Advisory () https://lists.debian.org/debian-lts-announce/2021/06/msg00005.html - Mailing List, Third Party Advisory
References () https://lists.debian.org/debian-lts-announce/2021/06/msg00006.html - Mailing List, Third Party Advisory () https://lists.debian.org/debian-lts-announce/2021/06/msg00006.html - Mailing List, Third Party Advisory
References () https://security.netapp.com/advisory/ntap-20211112-0001/ - Third Party Advisory () https://security.netapp.com/advisory/ntap-20211112-0001/ - Third Party Advisory
References () https://support.apple.com/kb/HT212601 - Third Party Advisory () https://support.apple.com/kb/HT212601 - Third Party Advisory
References () https://www.debian.org/security/2021/dsa-4930 - Mailing List, Third Party Advisory () https://www.debian.org/security/2021/dsa-4930 - Mailing List, Third Party Advisory

Information

Published : 2021-05-21 17:15

Updated : 2024-11-21 05:29


NVD link : CVE-2020-36331

Mitre link : CVE-2020-36331

CVE.ORG link : CVE-2020-36331


JSON object : View

Products Affected

debian

  • debian_linux

webmproject

  • libwebp

netapp

  • ontap_select_deploy_administration_utility

apple

  • ipados
  • iphone_os

redhat

  • enterprise_linux
CWE
CWE-125

Out-of-bounds Read