CVE-2020-36331: libwebp: out-of-bounds read in ChunkAssignData() in mux/muxinternal.c

Severity: Critical

CVSS Score: 9.1

A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds read was found in function ChunkAssignData. The highest threat from this vulnerability is to data confidentiality and to the service availability.