cwebp@2.0.1 vulnerabilities
node.js wrapper for cwebp and dwebp binaries from WebP image processing utility
-
latest version
3.1.0
-
first published
11 years ago
-
latest version published
7 months ago
-
licenses detected
- >=0
Direct Vulnerabilities
Known vulnerabilities in the cwebp package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
Affected versions of this package are vulnerable to Heap-based Buffer Overflow when the Notes: This is only exploitable if the This vulnerability was also published on libwebp CVE-2023-5129 Changelog: 2023-09-12: Initial advisory publication 2023-09-27: Advisory details updated, including CVSS, references 2023-09-27: CVE-2023-5129 rejected as a duplicate of CVE-2023-4863 2023-09-28: Research and addition of additional affected libraries 2024-01-28: Additional fix information How to fix Heap-based Buffer Overflow? There is no fixed version for |
*
|