Lucene search
RedHatRHSA-2023:5191HistorySep 18, 2023 - 12:53 p.m.
(RHSA-2023:5191) Important: thunderbird security update
2023-09-1812:53:14
access.redhat.com
15
mozilla thunderbird
standalone mail client
newsgroup client
libwebp
heap buffer overflow
cve-2023-4863
security update
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS
0.636
Percentile
97.9%
Mozilla Thunderbird is a standalone mail and newsgroup client.
This update upgrades Thunderbird to version 102.15.1.
Security Fix(es):
- libwebp: Heap buffer overflow in WebP Codec (CVE-2023-4863)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | 7 | x86_64 | thunderbird-debuginfo | < 102.15.1-1.el7_9 | thunderbird-debuginfo-102.15.1-1.el7_9.x86_64.rpm |
| RedHat | 7 | ppc64le | thunderbird | < 102.15.1-1.el7_9 | thunderbird-102.15.1-1.el7_9.ppc64le.rpm |
| RedHat | 7 | x86_64 | thunderbird | < 102.15.1-1.el7_9 | thunderbird-102.15.1-1.el7_9.x86_64.rpm |
| RedHat | 7 | ppc64le | thunderbird-debuginfo | < 102.15.1-1.el7_9 | thunderbird-debuginfo-102.15.1-1.el7_9.ppc64le.rpm |
Related
cnvd
cnvd
Google libwebp open source library remote code execution vulnerability
2023-09-27 00:00:00
nessus
nessus
RHEL 9 : thunderbird (RHSA-2023:5224)
2023-09-19 00:00:00
Rocky Linux 8 : thunderbird (RLSA-2023:5201)
2023-10-06 00:00:00
Fedora 38 : libwebp (2023-2a0668fe43)
2023-09-30 00:00:00
redhat
redhat
(RHSA-2023:5202) Important: thunderbird security update
2023-09-18 14:01:39
(RHSA-2023:5204) Important: libwebp security update
2023-09-18 15:04:13
(RHSA-2023:5186) Important: thunderbird security update
2023-09-18 12:53:06
openvas
openvas
Mozilla Firefox Security Advisory (MFSA2023-40) - Linux
2023-09-13 00:00:00
Fedora: Security Advisory for libwebp (FEDORA-2023-e692a72898)
2023-10-16 00:00:00
Fedora: Security Advisory for libwebp (FEDORA-2023-2a0668fe43)
2023-10-01 00:00:00
osv
osv
Important: thunderbird security update
2023-10-06 22:57:16
Bundled libwebp in imagecodecs vulnerable
2023-10-05 00:07:46
PYSEC-2023-175
2023-09-20 05:46:53
github
github
Bundled libwebp in imagecodecs vulnerable
2023-10-05 00:07:46
Bundled libwebp in Pillow vulnerable
2023-10-05 00:06:58
libwebp: OOB write in BuildHuffmanTable
2023-09-12 15:30:20
alpinelinux
alpinelinux
CVE-2023-5129
2023-09-25 21:15:16
CVE-2023-4863
2023-09-12 15:15:24
redhatcve
redhatcve
CVE-2023-5129
2023-09-27 17:55:08
attackerkb
attackerkb
CVE-2023-5129
2023-09-25 00:00:00
kaspersky
kaspersky
KLA60725 DoS vulnerability in Mozilla Thunderbird
2023-09-12 00:00:00
KLA60726 DoS vulnerability in Mozilla Firefox ESR
2023-09-12 00:00:00
KLA60727 DoS vulnerability in Mozilla Firefox
2023-09-12 00:00:00
mozilla
mozilla
githubexploit
githubexploit
Exploit for Out-of-bounds Write in Google Chrome
2023-09-30 02:47:16
Exploit for Out-of-bounds Write in Google Chrome
2023-09-29 00:42:37
Exploit for Out-of-bounds Write in Google Chrome
2023-10-05 03:28:23
nvd
nvd
CVE-2023-5129
2023-09-25 21:15:16
ubuntucve
ubuntucve
CVE-2023-5129
2023-09-25 00:00:00
rocky
rocky
libwebp security update
2023-10-06 22:58:06
thunderbird security update
2023-10-06 22:57:16
libwebp security update
2023-09-26 13:26:19
f5
f5
K000137054 : libwebp vulnerabilities CVE-2023-4863 and CVE-2023-5129
2023-09-29 00:00:00
cve
cve
CVE-2023-5129
2023-09-25 21:15:16
prion
prion
Open redirect
2023-09-25 21:15:00
photon
photon
Critical Photon OS Security Update - PHSA-2023-3.0-0657
2023-09-28 00:00:00
talosblog
talosblog
The security pitfalls of social media sites offering ID-based authentication
2023-09-28 18:00:11
debiancve
debiancve
CVE-2023-5129
2023-09-25 21:15:00
CVE-2023-4863
2023-09-12 15:15:24
cvelist
cvelist
CVE-2023-5129
2023-09-25 20:42:25
fedora
fedora
[SECURITY] Fedora 37 Update: firefox-118.0.1-7.fc37
2023-10-10 01:33:42
[SECURITY] Fedora 38 Update: firefox-118.0.1-4.fc38
2023-10-06 01:31:45
[SECURITY] Fedora 37 Update: libwebp-1.3.2-2.fc37
2023-10-14 01:27:03
redos
redos
ROS-20240404-15
2024-04-04 00:00:00
amazon
amazon
Important: qt5-qtimageformats
2023-11-09 19:19:00
hivepro
hivepro
Google Addresses Fourth Zero-Day Flaw Exploited by Attackers Wildly
2023-09-12 13:05:09
debian
debian
[SECURITY] [DSA 5497-1] libwebp security update
2023-09-13 21:07:56
[SECURITY] [DLA 3569-1] thunderbird security update
2023-09-17 09:42:33
[SECURITY] [DSA 5497-2] libwebp security update
2023-09-17 15:33:28
almalinux
almalinux
Important: thunderbird security update
2023-09-19 00:00:00
Important: thunderbird security update
2023-09-18 00:00:00
Important: libwebp security update
2023-09-19 00:00:00
cloudfoundry
cloudfoundry
USN-6369-1: libwebp vulnerability | Cloud Foundry
2023-10-12 00:00:00
ibm
ibm
wolfi
wolfi
CVE-2023-4863 vulnerabilities
2024-09-16 09:11:42
gitlab
gitlab
CefSharp affected by heap buffer overflow in WebP
2023-09-21 00:00:00
oraclelinux
oraclelinux
firefox security update
2023-09-19 00:00:00
firefox security update
2023-09-19 00:00:00
cbl_mariner
cbl_mariner
CVE-2023-4863 affecting package libwebp for versions less than 1.3.2-1
2023-10-04 16:53:46
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS
0.636
Percentile
97.9%
Related for RHSA-2023:5191