GHSA-j7hp-h8jx-5ppr

Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/09/GHSA-j7hp-h8jx-5ppr/GHSA-j7hp-h8jx-5ppr.json
Aliases
Published
2023-09-12T15:30:20Z
Modified
2023-09-22T19:31:22.626785Z
Details

Heap buffer overflow in libwebp allow a remote attacker to perform an out of bounds memory write via a crafted HTML page.

References

Affected packages

crates.io / libwebp-sys2

Source Details

Package Name
libwebp-sys2

Affected ranges

Type
SEMVER
Events
Introduced
0The exact introduced commit is unknown
Fixed
0.1.8

Ecosystem specific

{
    "affected_functions": [
        ""
    ]
}

crates.io / libwebp-sys

Source Details

Package Name
libwebp-sys

Affected ranges

Type
SEMVER
Events
Introduced
0The exact introduced commit is unknown
Fixed
0.9.3

Ecosystem specific

{
    "affected_functions": [
        ""
    ]
}

npm / electron

Source Details

Package Name
electron

Affected ranges

Type
SEMVER
Events
Introduced
22.0.0
Fixed
22.3.24

Ecosystem specific

{
    "affected_functions": [
        ""
    ]
}

npm / electron

Source Details

Package Name
electron

Affected ranges

Type
SEMVER
Events
Introduced
24.0.0
Fixed
24.8.3

Ecosystem specific

{
    "affected_functions": [
        ""
    ]
}

npm / electron

Source Details

Package Name
electron

Affected ranges

Type
SEMVER
Events
Introduced
25.0.0
Fixed
25.8.1

Ecosystem specific

{
    "affected_functions": [
        ""
    ]
}

npm / electron

Source Details

Package Name
electron

Affected ranges

Type
SEMVER
Events
Introduced
26.0.0
Fixed
26.2.1

Ecosystem specific

{
    "affected_functions": [
        ""
    ]
}

npm / electron

Source Details

Package Name
electron

Affected ranges

Type
SEMVER
Events
Introduced
27.0.0-beta.1
Fixed
27.0.0-beta.2

Ecosystem specific

{
    "affected_functions": [
        ""
    ]
}

NuGet / SkiaSharp

Source Details

Package Name
SkiaSharp

Affected ranges

Type
ECOSYSTEM
Events
Introduced
2.0.0
Fixed
2.88.6

Affected versions

2.*

2.80.0
2.80.1
2.80.2
2.80.3
2.80.4
2.88.0
2.88.1
2.88.2
2.88.3
2.88.4
2.88.5

Ecosystem specific

{
    "affected_functions": [
        ""
    ]
}

Go / github.com/chai2010/webp

Source Details

Affected ranges

Type
SEMVER
Events
Introduced
1.0.0

Ecosystem specific

{
    "affected_functions": [
        ""
    ]
}