You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
@haraldk Just a quick question: The libwepb library has a vulnerabily in relation to the Huffman tables. I was wondering if ImageIO-webp implementation of the Huffman tables might be affected as well, as I'm not sure if it's a separate implementation or based on the libwebp implementation of these tables.
Kind regards,
Balf
The text was updated successfully, but these errors were encountered:
The TwelveMonkeys ImageIO WebP plugin does not use libwebp or other native libraries. Our code is written in Java and not based on libwebp. The CVE describes the issue as a buffer overflow, which is unlikely to happen in Java code.
So to the best of my knowledge, our WebP plugin should not be affected by the vulnerability described in the CVE.
Hi!
@haraldk Just a quick question: The libwepb library has a vulnerabily in relation to the Huffman tables. I was wondering if ImageIO-webp implementation of the Huffman tables might be affected as well, as I'm not sure if it's a separate implementation or based on the libwebp implementation of these tables.
Kind regards,
Balf
The text was updated successfully, but these errors were encountered: