PYSEC-2023-174
See a problem?- Import Source
- https://github.com/pypa/advisory-database/blob/main/vulns/imagecodecs/PYSEC-2023-174.yaml
- JSON Data
- https://api.osv.dev/v1/vulns/PYSEC-2023-174
- Related
- Published
- 2023-09-20T05:30:34.993050Z
- Modified
- 2023-09-20T05:12:42.403706Z
- Summary
- [none]
- Details
-
imagecodecs versions before v2023.9.18 bundled libwebp binaries in wheels that are vulnerable to CVE-2023-5129 (previously CVE-2023-4863). imagecodecs v2023.9.18 upgrades the bundled libwebp binary to v1.3.2.
- References
Affected packages
PyPI / imagecodecs
Package
- Name
- imagecodecs
- View open source insights on deps.dev
- Purl
- pkg:pypi/imagecodecs
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2023.9.18
Affected versions
2018.*
2018.10.10
2018.10.18
2018.10.22
2018.10.28
2018.10.30
2018.11.8
2018.12.1
2018.12.12
2018.12.16
2019.*
2019.1.1
2019.1.14
2019.2.2
2019.2.20
2019.2.22
2019.4.20
2019.11.5
2019.11.18
2019.11.28
2019.12.31
2020.*
2020.1.31
2020.2.18
2020.5.30
2020.12.24
2021.*
2021.1.11
2021.1.28
2021.2.26
2021.3.31
2021.4.28
2021.6.8
2021.7.30
2021.8.26
2021.11.11
2021.11.20
2022.*
2022.2.22
2022.7.27
2022.7.31
2022.8.8
2022.9.26
2022.12.22
2022.12.24
2023.*
2023.1.23
2023.3.16
2023.7.4
2023.7.10
2023.8.12
2023.9.4