Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Use after free in libwebp
Vulnerability Description
There exists a use after free/double free in libwebp. An attacker can use the ApplyFiltersAndEncode() function and loop through to free best.bw and assign best = trial pointer. The second loop will then return 0 because of an Out of memory error in VP8 encoder, the pointer is still assigned to trial and the AddressSanitizer will attempt a double free.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
Vulnerability Type
释放后使用
Vulnerability Title
libwebp 资源管理错误漏洞
Vulnerability Description
libwebp是一个WebP图像格式的编码和解码库。 libwebp存在安全漏洞,该漏洞源于VP8编码器内存不足,从而导致内存释放后重用。
CVSS Information
N/A
Vulnerability Type
N/A