libwebp: Fix of CVE-2023-1999

🗓️ 12 Oct 2023 18:41:30Reported by CloudLinuxType

cloudlinux

cloudlinux🔗 repo.cloudlinux.com👁 45 Views

libwebp: Fix of CVE-2023-1999 - avoids a double free in uni

Reporter	Title	Published	Views	Family All 294
IBM Security Bulletins	Security Bulletin: IBM QRadar SIEM includes components with known vulnerabilities	6 Jul 202318:48	–	ibm
Tenable Nessus	Amazon Linux 2023 : libwebp, libwebp-devel, libwebp-java (ALAS2023-2023-185)	8 Jun 202300:00	–	nessus
Tenable Nessus	Amazon Linux 2 : thunderbird (ALAS-2023-2028)	2 May 202300:00	–	nessus
Tenable Nessus	Amazon Linux 2 : firefox (ALASFIREFOX-2023-005)	27 Sep 202300:00	–	nessus
Tenable Nessus	Alibaba Cloud Linux 3 : 0115: libwebp (ALINUX3-SA-2023:0115)	14 May 202500:00	–	nessus
Tenable Nessus	AlmaLinux 8 : libwebp (ALSA-2023:2076)	3 May 202300:00	–	nessus
Tenable Nessus	AlmaLinux 9 : libwebp (ALSA-2023:2078)	3 May 202300:00	–	nessus
Tenable Nessus	CentOS 8 : firefox (CESA-2023:1787)	8 Feb 202400:00	–	nessus
Tenable Nessus	CentOS 8 : thunderbird (CESA-2023:1802)	8 Feb 202400:00	–	nessus
Tenable Nessus	CentOS 7 : firefox (RHSA-2023:1791)	25 Apr 202300:00	–	nessus

OS	OS Version	Architecture	Package	Package Version	Filename
Centos	6	i686	libwebp	0.4.3	libwebp-0.4.3-3.el6.tuxcare.els1.src.rpm
Centos	6	x86_64	libwebp	0.4.3	libwebp-0.4.3-3.el6.tuxcare.els1.src.rpm
Centos	6	i686	libwebp-devel	0.4.3	libwebp-0.4.3-3.el6.tuxcare.els1.src.rpm
Centos	6	x86_64	libwebp-devel	0.4.3	libwebp-0.4.3-3.el6.tuxcare.els1.src.rpm
Centos	6	x86_64	libwebp-java	0.4.3	libwebp-0.4.3-3.el6.tuxcare.els1.src.rpm
Centos	6	x86_64	libwebp-tools	0.4.3	libwebp-0.4.3-3.el6.tuxcare.els1.src.rpm

12 Oct 2023 18:41Current

8High risk

Vulners AI Score8

CVSS 3.15.3 - 7.5

EPSS0.00353

SSVC

libwebp fix cve-2023-1999 avoids double free unix