security vulnerability

  • Resolved Anto Mathew

    (@anto18)


    1 year, 5 months ago

    ?There’s a notable security vulnerability, CVE-2023-5129, associated with the libwebp library, which raises concerns given the plugin’s WebP-related modules.

    Any correlation between this plugin and the mentioned vulnerability, and whether any measures have been taken to mitigate this risk.

Viewing 2 replies - 1 through 2 (of 2 total)
  • Moderator Yui

    (@fierevere)

    永子

    Update libwebp that comes with your Operating System (or PHP) is enough.
    And restart PHP (apache2, php-fpm or whatever PHP provider does your server use)

    There is no need to take additional steps on plugin’s side.

    Plugin Support James Osborne

    (@jamesosborne)

    Thanks for reaching out @anto18. Updating libwebp?would indeed ensure mitigation, while I also don’t suspect there is any action required with regards. I will, however, pass your concern on to the team.

    Appreciate the input @fierevere. Many thanks.

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘security vulnerability’ is closed to new replies.