OESA-2023-1317
- Source
- https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1317
- Import Source
- https://repo.openeuler.org/security/data/osv/OESA-2023-1317.json
- JSON Data
- https://api.osv.dev/v1/vulns/OESA-2023-1317
- Upstream
- Published
- 2023-06-03T11:05:19Z
- Modified
- 2025-09-03T06:18:53.953247Z
- Summary
- libwebp security update
- Details
-
This is an image format that does lossy compression of digital photographic images. WebP consists of a codec based on VP8, and a container based on RIFF. Webmasters, web developers and browser developers can use WebP to compress, archive and distribute digital images more efficiently.
Security Fix(es):
A vulnerability was found in libwebp (affected version unknown). It has been declared as critical. Affected by this vulnerability is an unknown code of the component Image File Handler. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.(CVE-2023-1999)
- Database specific
{ "severity": "Medium" }- References
Affected packages
openEuler:20.03-LTS-SP1 / libwebp
Package
- Name
- libwebp
- Purl
- pkg:rpm/openEuler/libwebp&distro=openEuler-20.03-LTS-SP1
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.1.0-3.oe1
Ecosystem specific
{
"aarch64": [
"libwebp-devel-1.1.0-3.oe1.aarch64.rpm",
"libwebp-debuginfo-1.1.0-3.oe1.aarch64.rpm",
"libwebp-tools-1.1.0-3.oe1.aarch64.rpm",
"libwebp-java-1.1.0-3.oe1.aarch64.rpm",
"libwebp-debugsource-1.1.0-3.oe1.aarch64.rpm",
"libwebp-1.1.0-3.oe1.aarch64.rpm"
],
"src": [
"libwebp-1.1.0-3.oe1.src.rpm"
],
"x86_64": [
"libwebp-devel-1.1.0-3.oe1.x86_64.rpm",
"libwebp-1.1.0-3.oe1.x86_64.rpm",
"libwebp-tools-1.1.0-3.oe1.x86_64.rpm",
"libwebp-debugsource-1.1.0-3.oe1.x86_64.rpm",
"libwebp-debuginfo-1.1.0-3.oe1.x86_64.rpm",
"libwebp-java-1.1.0-3.oe1.x86_64.rpm"
],
"noarch": [
"libwebp-help-1.1.0-3.oe1.noarch.rpm"
]
}
openEuler:20.03-LTS-SP3 / libwebp
Package
- Name
- libwebp
- Purl
- pkg:rpm/openEuler/libwebp&distro=openEuler-20.03-LTS-SP3
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.1.0-3.oe1
Ecosystem specific
{
"aarch64": [
"libwebp-debuginfo-1.1.0-3.oe1.aarch64.rpm",
"libwebp-tools-1.1.0-3.oe1.aarch64.rpm",
"libwebp-1.1.0-3.oe1.aarch64.rpm",
"libwebp-devel-1.1.0-3.oe1.aarch64.rpm",
"libwebp-java-1.1.0-3.oe1.aarch64.rpm",
"libwebp-debugsource-1.1.0-3.oe1.aarch64.rpm"
],
"src": [
"libwebp-1.1.0-3.oe1.src.rpm"
],
"x86_64": [
"libwebp-devel-1.1.0-3.oe1.x86_64.rpm",
"libwebp-java-1.1.0-3.oe1.x86_64.rpm",
"libwebp-debuginfo-1.1.0-3.oe1.x86_64.rpm",
"libwebp-tools-1.1.0-3.oe1.x86_64.rpm",
"libwebp-debugsource-1.1.0-3.oe1.x86_64.rpm",
"libwebp-1.1.0-3.oe1.x86_64.rpm"
],
"noarch": [
"libwebp-help-1.1.0-3.oe1.noarch.rpm"
]
}
openEuler:22.03-LTS / libwebp
Package
- Name
- libwebp
- Purl
- pkg:rpm/openEuler/libwebp&distro=openEuler-22.03-LTS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.2.1-3.oe2203sp1
Ecosystem specific
{
"aarch64": [
"libwebp-tools-1.2.1-3.oe2203.aarch64.rpm",
"libwebp-java-1.2.1-3.oe2203.aarch64.rpm",
"libwebp-debugsource-1.2.1-3.oe2203.aarch64.rpm",
"libwebp-1.2.1-3.oe2203.aarch64.rpm",
"libwebp-devel-1.2.1-3.oe2203.aarch64.rpm",
"libwebp-debuginfo-1.2.1-3.oe2203.aarch64.rpm",
"libwebp-1.2.1-3.oe2203sp1.aarch64.rpm",
"libwebp-debugsource-1.2.1-3.oe2203sp1.aarch64.rpm",
"libwebp-java-1.2.1-3.oe2203sp1.aarch64.rpm",
"libwebp-debuginfo-1.2.1-3.oe2203sp1.aarch64.rpm",
"libwebp-tools-1.2.1-3.oe2203sp1.aarch64.rpm",
"libwebp-devel-1.2.1-3.oe2203sp1.aarch64.rpm"
],
"src": [
"libwebp-1.2.1-3.oe2203.src.rpm",
"libwebp-1.2.1-3.oe2203sp1.src.rpm"
],
"x86_64": [
"libwebp-devel-1.2.1-3.oe2203.x86_64.rpm",
"libwebp-debugsource-1.2.1-3.oe2203.x86_64.rpm",
"libwebp-debuginfo-1.2.1-3.oe2203.x86_64.rpm",
"libwebp-java-1.2.1-3.oe2203.x86_64.rpm",
"libwebp-tools-1.2.1-3.oe2203.x86_64.rpm",
"libwebp-1.2.1-3.oe2203.x86_64.rpm",
"libwebp-1.2.1-3.oe2203sp1.x86_64.rpm",
"libwebp-debuginfo-1.2.1-3.oe2203sp1.x86_64.rpm",
"libwebp-devel-1.2.1-3.oe2203sp1.x86_64.rpm",
"libwebp-tools-1.2.1-3.oe2203sp1.x86_64.rpm",
"libwebp-debugsource-1.2.1-3.oe2203sp1.x86_64.rpm",
"libwebp-java-1.2.1-3.oe2203sp1.x86_64.rpm"
],
"noarch": [
"libwebp-help-1.2.1-3.oe2203.noarch.rpm",
"libwebp-help-1.2.1-3.oe2203sp1.noarch.rpm"
]
}
openEuler:22.03-LTS-SP1 / libwebp
Package
- Name
- libwebp
- Purl
- pkg:rpm/openEuler/libwebp&distro=openEuler-22.03-LTS-SP1
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.2.1-3.oe2203sp1
Ecosystem specific
{
"aarch64": [
"libwebp-1.2.1-3.oe2203sp1.aarch64.rpm",
"libwebp-debugsource-1.2.1-3.oe2203sp1.aarch64.rpm",
"libwebp-java-1.2.1-3.oe2203sp1.aarch64.rpm",
"libwebp-debuginfo-1.2.1-3.oe2203sp1.aarch64.rpm",
"libwebp-tools-1.2.1-3.oe2203sp1.aarch64.rpm",
"libwebp-devel-1.2.1-3.oe2203sp1.aarch64.rpm"
],
"src": [
"libwebp-1.2.1-3.oe2203sp1.src.rpm"
],
"x86_64": [
"libwebp-1.2.1-3.oe2203sp1.x86_64.rpm",
"libwebp-debuginfo-1.2.1-3.oe2203sp1.x86_64.rpm",
"libwebp-devel-1.2.1-3.oe2203sp1.x86_64.rpm",
"libwebp-tools-1.2.1-3.oe2203sp1.x86_64.rpm",
"libwebp-debugsource-1.2.1-3.oe2203sp1.x86_64.rpm",
"libwebp-java-1.2.1-3.oe2203sp1.x86_64.rpm"
],
"noarch": [
"libwebp-help-1.2.1-3.oe2203sp1.noarch.rpm"
]
}