USN-6078-2: libwebp vulnerability

🗓️ 18 Jul 2023 11:26:04Reported by UbuntuType

ubuntu

ubuntu🔗 ubuntu.com👁 93 Views

Ubuntu 16.04 ESM libwebp vulnerability fix

Reporter	Title	Published	Views	Family All 295
IBM Security Bulletins	Security Bulletin: IBM QRadar SIEM includes components with known vulnerabilities	6 Jul 202318:48	–	ibm
Tenable Nessus	Amazon Linux 2023 : libwebp, libwebp-devel, libwebp-java (ALAS2023-2023-185)	8 Jun 202300:00	–	nessus
Tenable Nessus	Amazon Linux 2 : thunderbird (ALAS-2023-2028)	2 May 202300:00	–	nessus
Tenable Nessus	Amazon Linux 2 : firefox (ALASFIREFOX-2023-005)	27 Sep 202300:00	–	nessus
Tenable Nessus	Alibaba Cloud Linux 3 : 0115: libwebp (ALINUX3-SA-2023:0115)	14 May 202500:00	–	nessus
Tenable Nessus	AlmaLinux 8 : libwebp (ALSA-2023:2076)	3 May 202300:00	–	nessus
Tenable Nessus	AlmaLinux 9 : libwebp (ALSA-2023:2078)	3 May 202300:00	–	nessus
Tenable Nessus	CentOS 8 : firefox (CESA-2023:1787)	8 Feb 202400:00	–	nessus
Tenable Nessus	CentOS 8 : thunderbird (CESA-2023:1802)	8 Feb 202400:00	–	nessus
Tenable Nessus	CentOS 7 : firefox (RHSA-2023:1791)	25 Apr 202300:00	–	nessus

OS	OS Version	Architecture	Package	Package Version	Filename
Ubuntu	16.04	any	libwebp-dev	0.4.4-1ubuntu0.1~esm2	libwebp-dev_0.4.4-1ubuntu0.1~esm2_any.deb
Ubuntu	16.04	any	libwebp5	0.4.4-1ubuntu0.1~esm2	libwebp5_0.4.4-1ubuntu0.1~esm2_any.deb
Ubuntu	16.04	any	libwebpdemux1	0.4.4-1ubuntu0.1~esm2	libwebpdemux1_0.4.4-1ubuntu0.1~esm2_any.deb
Ubuntu	16.04	any	libwebpmux1	0.4.4-1ubuntu0.1~esm2	libwebpmux1_0.4.4-1ubuntu0.1~esm2_any.deb
Ubuntu	16.04	any	webp	0.4.4-1ubuntu0.1~esm2	webp_0.4.4-1ubuntu0.1~esm2_any.deb

18 Jul 2023 11:26Current

7.7High risk

Vulners AI Score7.7

CVSS 3.15.3 - 7.5

EPSS0.00353

SSVC

ubuntu libwebp vulnerability image remote attacker denial of service code execution