0.68 Medium
EPSS
Percentile
97.9%
imagecodecs versions before v2023.9.18 bundled libwebp binaries in wheels that are vulnerable to CVE-2023-5129 (previously CVE-2023-4863). imagecodecs v2023.9.18 upgrades the bundled libwebp binary to v1.3.2.
github.com/cgohlke/imagecodecs
github.com/cgohlke/imagecodecs/blob/v2023.9.18/CHANGES.rst
github.com/pypa/advisory-database/tree/main/vulns/imagecodecs/PYSEC-2023-174.yaml
nvd.nist.gov/vuln/detail/CVE-2023-4863
nvd.nist.gov/vuln/detail/CVE-2023-5129