imagecodecs versions before v2023.9.18 bundled libwebp binaries in wheels that are vulnerable to CVE-2023-5129 (previously CVE-2023-4863). imagecodecs v2023.9.18 upgrades the bundled libwebp binary to v1.3.2.

CPENameOperatorVersion
imagecodecseq2021.11.11
imagecodecseq2019.1.14
imagecodecseq2021.11.20
imagecodecseq2022.2.22
imagecodecseq2019.12.31
imagecodecseq2023.3.16
imagecodecseq2021.1.28
imagecodecseq2022.9.26
imagecodecseq2022.7.27
imagecodecseq2020.2.18

Name	Operator	Version
imagecodecs	eq	2021.11.11
imagecodecs	eq	2019.1.14
imagecodecs	eq	2021.11.20
imagecodecs	eq	2022.2.22
imagecodecs	eq	2019.12.31
imagecodecs	eq	2023.3.16
imagecodecs	eq	2021.1.28
imagecodecs	eq	2022.9.26
imagecodecs	eq	2022.7.27
imagecodecs	eq	2020.2.18

Rows per page:

1-10 of 461

References

github.com/cgohlke/imagecodecs

github.com/cgohlke/imagecodecs/blob/v2023.9.18/CHANGES.rst

github.com/pypa/advisory-database/tree/main/vulns/imagecodecs/PYSEC-2023-174.yaml

nvd.nist.gov/vuln/detail/CVE-2023-4863

nvd.nist.gov/vuln/detail/CVE-2023-5129

nessus 73

ubuntucve 1

kaspersky 5

redhat 22

osv 19

attackerkb 2

mozilla 1

cnvd 1

openvas 28

alpinelinux 2

redhatcve 1

github 4

rocky 2

f5 1

cve 1

prion 2

photon 1

talosblog 1

debiancve 2

redos 1

fedora 8

hivepro 1

ibm 2

debian 2

cloudfoundry 1

almalinux 1

amazon 1

wolfi 1

oraclelinux 4

mageia 1

slackware 1

freebsd 1

paloalto 1

hp 1

cvelist 1

githubexploit 1

cgr 1

nessus

RHEL 8 : thunderbird (RHSA-2023:5186)

2023-09-18 00:00:00

RHEL 8 : firefox (RHSA-2023:5184)

2023-09-18 00:00:00

RHEL 9 : thunderbird (RHSA-2023:5223)

2023-09-19 00:00:00

ubuntucve

CVE-2023-5129

2023-09-25 00:00:00

kaspersky

KLA60726 DoS vulnerability in Mozilla Firefox ESR

2023-09-12 00:00:00

KLA60725 DoS vulnerability in Mozilla Thunderbird

2023-09-12 00:00:00

KLA60727 DoS vulnerability in Mozilla Firefox

2023-09-12 00:00:00

redhat

(RHSA-2023:5197) Important: firefox security update

2023-09-18 12:54:43

(RHSA-2023:5188) Important: thunderbird security update

2023-09-18 12:53:08

(RHSA-2023:5189) Important: libwebp security update

2023-09-18 12:53:09

osv

CVE-2023-4863

2023-09-12 15:15:24

libwebp: OOB write in BuildHuffmanTable

2023-09-12 12:00:00

Important: libwebp security update

2023-10-06 22:58:06

attackerkb

CVE-2023-5129

2023-09-25 00:00:00

CVE-2023-4863

2023-09-12 00:00:00

mozilla

Security Vulnerability fixed in Firefox 117.0.1, Firefox ESR 115.2.1, Firefox ESR 102.15.1, Thunderbird 102.15.1, and Thunderbird 115.2.2 — Mozilla

2023-09-12 00:00:00

cnvd

Google libwebp open source library remote code execution vulnerability

2023-09-27 00:00:00

openvas

Mozilla Firefox Security Advisory (MFSA2023-40) - Linux

2023-09-13 00:00:00

Fedora: Security Advisory for libwebp (FEDORA-2023-e692a72898)

2023-10-16 00:00:00

Fedora: Security Advisory for libwebp (FEDORA-2023-2a0668fe43)

2023-10-01 00:00:00

alpinelinux

CVE-2023-5129

2023-09-25 21:15:16

CVE-2023-4863

2023-09-12 15:15:24

redhatcve

CVE-2023-5129

2023-09-27 17:55:08

github

Bundled libwebp in imagecodecs vulnerable

2023-10-05 00:07:46

Bundled libwebp in Pillow vulnerable

2023-10-05 00:06:58

libwebp: OOB write in BuildHuffmanTable

2023-09-12 15:30:20

rocky

libwebp security update

2023-10-06 22:58:06

thunderbird security update

2023-10-06 22:57:16

K000137054 : libwebp vulnerabilities CVE-2023-4863 and CVE-2023-5129

2023-09-29 00:00:00

cve

CVE-2023-5129

2023-09-25 21:15:16

prion

Open redirect

2023-09-25 21:15:00

Heap overflow

2023-09-12 15:15:00

photon

Critical Photon OS Security Update - PHSA-2023-3.0-0657

2023-09-28 00:00:00

talosblog

The security pitfalls of social media sites offering ID-based authentication

2023-09-28 18:00:11

debiancve

CVE-2023-5129

2023-09-25 21:15:00

CVE-2023-4863

2023-09-12 15:15:24

redos

ROS-20240404-15

2024-04-04 00:00:00

fedora

[SECURITY] Fedora 38 Update: firefox-118.0.1-4.fc38

2023-10-06 01:31:45

[SECURITY] Fedora 37 Update: firefox-118.0.1-7.fc37

2023-10-10 01:33:42

[SECURITY] Fedora 37 Update: libwebp-1.3.2-2.fc37

2023-10-14 01:27:03

hivepro

Google Addresses Fourth Zero-Day Flaw Exploited by Attackers Wildly

2023-09-12 13:05:09

ibm

Security Bulletin: IBM Cognos Analytics Cartridge for IBM Cloud Pak for Data 4.8.0 has addressed a security vulnerability (CVE-2023-4863)

2023-11-29 22:25:21

Security Bulletin: IBM App Connect Enterprise is vulnerable to a heap-based buffer overflow due to electron

2023-10-20 09:35:15

debian

[SECURITY] [DLA 3569-1] thunderbird security update

2023-09-17 09:42:58

[SECURITY] [DSA 5497-1] libwebp security update

2023-09-13 21:07:56

cloudfoundry

USN-6369-1: libwebp vulnerability | Cloud Foundry

2023-10-12 00:00:00

almalinux

Important: thunderbird security update

2023-09-19 00:00:00

amazon

Important: qt5-qtimageformats

2023-11-09 19:19:00

wolfi

CVE-2023-4863 vulnerabilities

2024-05-20 03:07:17

oraclelinux

firefox security update

2023-09-19 00:00:00

libwebp security update

2023-09-20 00:00:00

thunderbird security update

2023-09-19 00:00:00

mageia

Updated libwebp packages fix a security vulnerability

2023-10-03 13:53:29

slackware

[slackware-security] mozilla-thunderbird

2023-09-14 02:32:34

freebsd

graphics/webp heap buffer overflow

2023-09-12 00:00:00

paloalto

Impact of libwebp Vulnerability CVE-2023-4863

2023-10-02 23:40:00

Certain HP Enterprise LaserJet, HP LaserJet Managed Printers – Potential Buffer Overflow

2024-02-20 00:00:00

cvelist

CVE-2023-4863

2023-09-12 14:24:59

githubexploit

Exploit for Out-of-bounds Write in Google Chrome

2023-09-21 05:22:51

cgr

CVE-2023-4863 vulnerabilities

2024-05-19 03:07:16

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
OpenSource

@2024 Vulners Inc

0.68 Medium

EPSS

Percentile

97.9%

JSON

Related for OSV:GHSA-94VC-P8W7-5P49