PT-2026-23916 · Mrnanko · Webp4J
Sp1D3R
·
Publicado
2026-03-08
·
Atualizado
2026-03-08
·
CVE-2026-3707
CVSS v3.1
5.3
Média
| Vetor | AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L |
Name of the Vulnerable Software and Affected Versions
MrNanko webp4j versions up to 1.3.x
Description
A flaw exists in the DecodeGifFromMemory function within the src/main/c/gif decoder.c file of MrNanko webp4j. Manipulation of the
canvas height argument can lead to an integer overflow. Local access is needed for exploitation. The exploit is publicly available.Recommendations
Implement the patch 89771b201c66d15d29e4cc016d8aae82b6a5fbe1 to correct this issue.
Exploit
Correção
Integer Overflow
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Webp4J