Lucene search

K
wizblogWiz BlogWIZBLOG:78BD1DD79CEDF1252891DE25681317D3
HistoryOct 01, 2023 - 1:31 p.m.

Critical vulnerabilities in media libraries exploited in the wild: everything you need to know

2023-10-0113:31:06
Wiz Blog
www.wiz.io
22
cve-2023-4863
cve-2023-5217
exploited
wild
media libraries
critical

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.644

Percentile

97.9%

Delving into CVE-2023-4863 and CVE-2023-5217 - critical vulnerabilities in libwebp and libvpx exploited in the wild.

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.644

Percentile

97.9%