For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References

bugzilla.redhat.com/show_bug.cgi?id=2238431

errata.rockylinux.org/RLSA-2023:5201

redhat 22

nessus 72

ubuntucve 1

kaspersky 5

osv 24

nvd 2

mozilla 1

attackerkb 2

cnvd 1

openvas 22

github 4

alpinelinux 1

redhatcve 1

rocky 3

f5 1

cve 2

prion 2

photon 1

talosblog 1

cvelist 2

debiancve 1

fedora 8

redos 1

slackware 1

freebsd 1

paloalto 1

mageia 1

cgr 1

oraclelinux 6

hp 1

githubexploit 2

cisa_kev 1

gitlab 1

almalinux 2

cbl_mariner 1

redhat

(RHSA-2023:5192) Important: firefox security update

2023-09-18 12:53:16

(RHSA-2023:5187) Important: firefox security update

2023-09-18 12:53:07

(RHSA-2023:5197) Important: firefox security update

2023-09-18 12:54:43

nessus

RHEL 8 : thunderbird (RHSA-2023:5186)

2023-09-18 00:00:00

RHEL 8 : firefox (RHSA-2023:5184)

2023-09-18 00:00:00

RHEL 8 : libwebp (RHSA-2023:5309)

2023-09-20 00:00:00

ubuntucve

CVE-2023-5129

2023-09-25 00:00:00

kaspersky

KLA60726 DoS vulnerability in Mozilla Firefox ESR

2023-09-12 00:00:00

KLA60725 DoS vulnerability in Mozilla Thunderbird

2023-09-12 00:00:00

KLA60727 DoS vulnerability in Mozilla Firefox

2023-09-12 00:00:00

osv

CVE-2023-4863

2023-09-12 15:15:24

libwebp: OOB write in BuildHuffmanTable

2023-09-12 12:00:00

Bundled libwebp in imagecodecs vulnerable

2023-10-05 00:07:46

nvd

CVE-2023-5129

2023-09-25 21:15:16

CVE-2023-4863

2023-09-12 15:15:24

mozilla

Security Vulnerability fixed in Firefox 117.0.1, Firefox ESR 115.2.1, Firefox ESR 102.15.1, Thunderbird 102.15.1, and Thunderbird 115.2.2 — Mozilla

2023-09-12 00:00:00

attackerkb

CVE-2023-5129

2023-09-25 00:00:00

CVE-2023-4863

2023-09-12 00:00:00

cnvd

Google libwebp open source library remote code execution vulnerability

2023-09-27 00:00:00

openvas

Mozilla Firefox Security Advisory (MFSA2023-40) - Linux

2023-09-13 00:00:00

Fedora: Security Advisory for libwebp (FEDORA-2023-2a0668fe43)

2023-10-01 00:00:00

Fedora: Security Advisory for libwebp (FEDORA-2023-e692a72898)

2023-10-16 00:00:00

github

Bundled libwebp in imagecodecs vulnerable

2023-10-05 00:07:46

Bundled libwebp in Pillow vulnerable

2023-10-05 00:06:58

Vulnerable version of libwebp and can be exploited with a malicious source image

2023-10-06 20:46:33

alpinelinux

CVE-2023-5129

2023-09-25 21:15:16

redhatcve

CVE-2023-5129

2023-09-27 17:55:08

rocky

libwebp security update

2023-10-06 22:58:06

thunderbird security update

2023-10-06 22:57:16

libwebp security update

2023-09-26 13:26:19

K000137054 : libwebp vulnerabilities CVE-2023-4863 and CVE-2023-5129

2023-09-29 00:00:00

cve

CVE-2023-5129

2023-09-25 21:15:16

CVE-2023-4863

2023-09-12 15:15:24

prion

Open redirect

2023-09-25 21:15:00

Heap overflow

2023-09-12 15:15:00

photon

Critical Photon OS Security Update - PHSA-2023-3.0-0657

2023-09-28 00:00:00

talosblog

The security pitfalls of social media sites offering ID-based authentication

2023-09-28 18:00:11

cvelist

CVE-2023-5129

2023-09-25 20:42:25

CVE-2023-4863

2023-09-12 14:24:59

debiancve

CVE-2023-5129

2023-09-25 21:15:00

fedora

[SECURITY] Fedora 38 Update: firefox-118.0.1-4.fc38

2023-10-06 01:31:45

[SECURITY] Fedora 37 Update: firefox-118.0.1-7.fc37

2023-10-10 01:33:42

[SECURITY] Fedora 39 Update: libwebp-1.3.2-2.fc39

2023-10-03 00:20:56

redos

ROS-20240404-15

2024-04-04 00:00:00

slackware

[slackware-security] mozilla-thunderbird

2023-09-14 02:32:34

freebsd

graphics/webp heap buffer overflow

2023-09-12 00:00:00

paloalto

Impact of libwebp Vulnerability CVE-2023-4863

2023-10-02 23:40:00

mageia

Updated libwebp packages fix a security vulnerability

2023-10-03 13:53:29

cgr

CVE-2023-4863 vulnerabilities

2024-05-19 03:07:16

oraclelinux

thunderbird security update

2023-09-19 00:00:00

firefox security update

2023-09-19 00:00:00

libwebp security update

2023-09-20 00:00:00

Certain HP Enterprise LaserJet, HP LaserJet Managed Printers – Potential Buffer Overflow

2024-02-20 00:00:00

githubexploit

Exploit for Out-of-bounds Write in Google Chrome

2023-11-11 06:51:03

Exploit for Out-of-bounds Write in Google Chrome

2023-09-21 05:22:51

cisa_kev

Google Chromium WebP Heap-Based Buffer Overflow Vulnerability

2023-09-13 00:00:00

gitlab

CefSharp affected by heap buffer overflow in WebP

2023-09-21 00:00:00

almalinux

Important: thunderbird security update

2023-09-18 00:00:00

Important: libwebp security update

2023-09-19 00:00:00

cbl_mariner

CVE-2023-4863 affecting package libwebp for versions less than 1.3.2-1

2023-10-04 16:53:46

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

7.7 High

AI Score

Confidence

High

0.609 Medium

EPSS

Percentile

97.8%

JSON

Related for OSV:RLSA-2023:5201