2 matches found
GHSA-56PW-MPJ4-FXWW Duplicate Advisory: Bundled libwebp in Pillow vulnerable
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-56pw-mpj4-fxww. This link is maintained to preserve external references. Original Description Pillow versions before v10.0.1 bundled libwebp binaries in wheels that are vulnerable to CVE-2023-5129 previously...
PYSEC-2023-183
opencv-python versions before v4.8.1.78 bundled libwebp binaries in wheels that are vulnerable to CVE-2023-4863. opencv-python v4.8.1.78 upgrades the bundled libwebp binary to v1.3.2...