Alpine Linux Development TeamALPINE:CVE-2023-5129

HistorySep 25, 2023 - 9:15 p.m.

Vulners
/
Alpinelinux
/
CVE-2023-5129

CVE-2023-5129

2023-09-2521:15:16

Alpine Linux Development Team

security.alpinelinux.org

rejected

cve

duplicate

2023-5129

2023-4863

unix

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

9 High

AI Score

Confidence

High

0.609 Medium

EPSS

Percentile

97.8%

JSON

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Duplicate of CVE-2023-4863.

OSVersionArchitecturePackageVersionFilename
Alpine3.17-mainnoarchlibwebp= 1.2.4-r3UNKNOWN
Alpine3.16-mainnoarchlibwebp= 1.2.3-r2UNKNOWN
Alpine3.15-mainnoarchlibwebp= 1.2.2-r2UNKNOWN
Alpineedge-communitynoarchtiledb< 2.17.4-r0UNKNOWN
Alpine3.19-communitynoarchtiledb< 2.17.4-r0UNKNOWN
Alpine3.20-communitynoarchtiledb< 2.17.4-r0UNKNOWN

OS	Version	Architecture	Package	Version	Filename
Alpine	3.17-main	noarch	libwebp	= 1.2.4-r3	UNKNOWN
Alpine	3.16-main	noarch	libwebp	= 1.2.3-r2	UNKNOWN
Alpine	3.15-main	noarch	libwebp	= 1.2.2-r2	UNKNOWN
Alpine	edge-community	noarch	tiledb	< 2.17.4-r0	UNKNOWN
Alpine	3.19-community	noarch	tiledb	< 2.17.4-r0	UNKNOWN
Alpine	3.20-community	noarch	tiledb	< 2.17.4-r0	UNKNOWN

kaspersky 5

redhat 22

nessus 70

ubuntucve 1

osv 20

nvd 2

mozilla 1

attackerkb 2

redhatcve 1

cnvd 1

openvas 30

github 4

rocky 2

prion 2

f5 1

cve 2

photon 1

talosblog 1

cvelist 2

debiancve 1

fedora 8

redos 1

slackware 1

freebsd 1

paloalto 1

mageia 1

cgr 1

oraclelinux 4

hp 1

githubexploit 2

alpinelinux 1

hivepro 1

almalinux 1

ibm 2

amazon 1

debian 1

kaspersky

KLA60726 DoS vulnerability in Mozilla Firefox ESR

2023-09-12 00:00:00

KLA60725 DoS vulnerability in Mozilla Thunderbird

2023-09-12 00:00:00

KLA60727 DoS vulnerability in Mozilla Firefox

2023-09-12 00:00:00

redhat

(RHSA-2023:5192) Important: firefox security update

2023-09-18 12:53:16

(RHSA-2023:5187) Important: firefox security update

2023-09-18 12:53:07

(RHSA-2023:5197) Important: firefox security update

2023-09-18 12:54:43

nessus

RHEL 8 : thunderbird (RHSA-2023:5186)

2023-09-18 00:00:00

RHEL 8 : firefox (RHSA-2023:5184)

2023-09-18 00:00:00

RHEL 8 : libwebp (RHSA-2023:5309)

2023-09-20 00:00:00

ubuntucve

CVE-2023-5129

2023-09-25 00:00:00

osv

CVE-2023-4863

2023-09-12 15:15:24

libwebp: OOB write in BuildHuffmanTable

2023-09-12 12:00:00

Bundled libwebp in imagecodecs vulnerable

2023-10-05 00:07:46

nvd

CVE-2023-5129

2023-09-25 21:15:16

CVE-2023-4863

2023-09-12 15:15:24

mozilla

Security Vulnerability fixed in Firefox 117.0.1, Firefox ESR 115.2.1, Firefox ESR 102.15.1, Thunderbird 102.15.1, and Thunderbird 115.2.2 — Mozilla

2023-09-12 00:00:00

attackerkb

CVE-2023-5129

2023-09-25 00:00:00

CVE-2023-4863

2023-09-12 00:00:00

redhatcve

CVE-2023-5129

2023-09-27 17:55:08

cnvd

Google libwebp open source library remote code execution vulnerability

2023-09-27 00:00:00

openvas

Mozilla Firefox Security Advisory (MFSA2023-40) - Linux

2023-09-13 00:00:00

Fedora: Security Advisory for libwebp (FEDORA-2023-2a0668fe43)

2023-10-01 00:00:00

Fedora: Security Advisory for libwebp (FEDORA-2023-e692a72898)

2023-10-16 00:00:00

github

Bundled libwebp in imagecodecs vulnerable

2023-10-05 00:07:46

Bundled libwebp in Pillow vulnerable

2023-10-05 00:06:58

Vulnerable version of libwebp and can be exploited with a malicious source image

2023-10-06 20:46:33

rocky

thunderbird security update

2023-10-06 22:57:16

libwebp security update

2023-10-06 22:58:06

prion

Open redirect

2023-09-25 21:15:00

Heap overflow

2023-09-12 15:15:00

K000137054 : libwebp vulnerabilities CVE-2023-4863 and CVE-2023-5129

2023-09-29 00:00:00

cve

CVE-2023-5129

2023-09-25 21:15:16

CVE-2023-4863

2023-09-12 15:15:24

photon

Critical Photon OS Security Update - PHSA-2023-3.0-0657

2023-09-28 00:00:00

talosblog

The security pitfalls of social media sites offering ID-based authentication

2023-09-28 18:00:11

cvelist

CVE-2023-5129

2023-09-25 20:42:25

CVE-2023-4863

2023-09-12 14:24:59

debiancve

CVE-2023-5129

2023-09-25 21:15:00

fedora

[SECURITY] Fedora 38 Update: firefox-118.0.1-4.fc38

2023-10-06 01:31:45

[SECURITY] Fedora 37 Update: firefox-118.0.1-7.fc37

2023-10-10 01:33:42

[SECURITY] Fedora 39 Update: libwebp-1.3.2-2.fc39

2023-10-03 00:20:56

redos

ROS-20240404-15

2024-04-04 00:00:00

slackware

[slackware-security] mozilla-thunderbird

2023-09-14 02:32:34

freebsd

graphics/webp heap buffer overflow

2023-09-12 00:00:00

paloalto

Impact of libwebp Vulnerability CVE-2023-4863

2023-10-02 23:40:00

mageia

Updated libwebp packages fix a security vulnerability

2023-10-03 13:53:29

cgr

CVE-2023-4863 vulnerabilities

2024-05-19 03:07:16

oraclelinux

thunderbird security update

2023-09-19 00:00:00

firefox security update

2023-09-19 00:00:00

libwebp security update

2023-09-20 00:00:00

Certain HP Enterprise LaserJet, HP LaserJet Managed Printers – Potential Buffer Overflow

2024-02-20 00:00:00

githubexploit

Exploit for Out-of-bounds Write in Google Chrome

2023-09-21 05:22:51

Exploit for Out-of-bounds Write in Google Chrome

2023-11-11 06:51:03

alpinelinux

CVE-2023-4863

2023-09-12 15:15:24

hivepro

Google Addresses Fourth Zero-Day Flaw Exploited by Attackers Wildly

2023-09-12 13:05:09

almalinux

Important: thunderbird security update

2023-09-19 00:00:00

ibm

Security Bulletin: IBM App Connect Enterprise is vulnerable to a heap-based buffer overflow due to electron

2023-10-20 09:35:15

Security Bulletin: IBM Cognos Analytics Cartridge for IBM Cloud Pak for Data 4.8.0 has addressed a security vulnerability (CVE-2023-4863)

2023-11-29 22:25:21

amazon

Important: qt5-qtimageformats

2023-11-09 19:19:00

debian

[SECURITY] [DLA 3569-1] thunderbird security update

2023-09-17 09:42:33

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

9 High

AI Score

Confidence

High

0.609 Medium

EPSS

Percentile

97.8%

JSON

Related for ALPINE:CVE-2023-5129