{"id":"CLSA-2025-1759157126","summary":"libwebp: Fix of 3 CVEs","details":"- CVE-2020-36329: fix use-after-free vulnerability by delaying thread\n  termination\n- CVE-2020-36330: fix out-of-bounds read in ChunkVerifyAndAssign function\n- CVE-2020-36331: fix out-of-bounds read in ChunkAssignData function","modified":"2026-05-27T11:18:34.557477296Z","published":"2025-09-29T14:45:31Z","upstream":["CVE-2020-36329","CVE-2020-36330","CVE-2020-36331"],"references":[{"type":"ADVISORY","url":"https://errata.tuxcare.com/els_os/oraclelinux6els/CLSA-2025-1759157126.html"}],"affected":[{"package":{"name":"libwebp","ecosystem":"TuxCare:OracleLinux:6","purl":"pkg:rpm/tuxcare/libwebp?distro=oraclelinux-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.4.3-3.el6.tuxcare.els3"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2025-1759157126.json"}},{"package":{"name":"libwebp-devel","ecosystem":"TuxCare:OracleLinux:6","purl":"pkg:rpm/tuxcare/libwebp-devel?distro=oraclelinux-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.4.3-3.el6.tuxcare.els3"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2025-1759157126.json"}},{"package":{"name":"libwebp-java","ecosystem":"TuxCare:OracleLinux:6","purl":"pkg:rpm/tuxcare/libwebp-java?distro=oraclelinux-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.4.3-3.el6.tuxcare.els3"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2025-1759157126.json"}},{"package":{"name":"libwebp-tools","ecosystem":"TuxCare:OracleLinux:6","purl":"pkg:rpm/tuxcare/libwebp-tools?distro=oraclelinux-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.4.3-3.el6.tuxcare.els3"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2025-1759157126.json"}}],"schema_version":"1.7.5"}