Skip to main content

Use of Uninitialized Resource

CVE-2018-25014

Severity High
Score 9.8/10

Summary

A flaw was found in libwebp in versions prior to 1.0.1-rc2. An unitialized variable is used in function ReadSymbol. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. This has the same fix as CVE-2018-25013.

  • LOW
  • NETWORK
  • HIGH
  • UNCHANGED
  • NONE
  • NONE
  • HIGH
  • HIGH

CWE-908 - Use of Uninitialized Resource

The software uses or accesses a resource that has not been initialized.

Advisory Timeline

  • Published