-
-
Notifications
You must be signed in to change notification settings - Fork 249
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Closing CVE-2023-5217 #582
Comments
This library doesn’t use libvpx, but I will look into it to see if it would
have the vulnerability too.
…On Thu, Oct 12, 2023 at 3:41 AM jubuehrer ***@***.***> wrote:
There is a security issue <https://nvd.nist.gov/vuln/detail/CVE-2023-5217>
in the libvpx library that is handling WebP images.
I honestly don't know how this project here works but I do know that it
supports the WebP image format. Therefore I suspect that this vulnerability
does affect this project as well (because this method of handling WebP
images is widely used).
Please take a look at this vulnerability and possibly close it, as this
project is a very standard flutter package. Thank you :)
—
Reply to this email directly, view it on GitHub
<#582>, or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AA3ZF4ZSB5NRKRT77TWOKG3X663MTANCNFSM6AAAAAA55KNUC4>
.
You are receiving this because you are subscribed to this thread.Message
ID: ***@***.***>
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
There is a security issue in the
libvpx
library that is handling WebP images.I honestly don't know how this project here works but I do know that it supports the WebP image format. Therefore I suspect that this vulnerability does affect this project as well (because this method of handling WebP images is widely used).
Please take a look at this vulnerability and possibly close it, as this project is a very standard flutter package. Thank you :)
The text was updated successfully, but these errors were encountered: