CVE-2023-41064, CVE-2023-4863, CVE-2023-5129: Frequently Asked Questions for ImageIO and WebP/libwebp Zero-Day Vulnerabilities | allinfosecnews.com

Sept. 28, 2023, 3:36 a.m. | Satnam Narang

Cyber Exposure Alerts www.tenable.com

Frequently asked questions relating to vulnerabilities in Apple, Google and the open source libwebp library.

Background

The Tenable Security Response Team has put together this blog to answer frequently asked questions (FAQ) to help provide clarity around recently disclosed vulnerabilities including CVE-2023-41064, CVE-2023-4863 and CVE-2023-5129 in an open source library called libwebp.

FAQ

What do these vulnerabilities have to do with Apple products?

On September 7, researchers at Citizen Lab published a blog post detailing their discovery of an iPhone …

apple blog cve cve-2023-41064 cve-2023-4863 cve-2023-5129 faq google library libwebp open source questions response security team tenable vulnerabilities webp zero-day zero-day vulnerabilities

More from www.tenable.com / Cyber Exposure Alerts

CVE-2024-24919: Check Point Security Gateway Information Disclosure Zero-Day Exploited in the Wild 3 days, 14 hours ago | www.tenable.com

Microsoft’s May 2024 Patch Tuesday Addresses 59 CVEs (CVE-2024-30051, CVE-2024-30040) 2 weeks, 4 days ago | www.tenable.com

addresses critical critical vulnerability cve +15

CVE-2024-21793, CVE-2024-26026: Proof of Concept Available for F5 BIG-IP Next Central Manager Vulnerabilities 3 weeks, 2 days ago | www.tenable.com

big big-ip big-ip next central manager centralized management +18

CVE-2024-20353, CVE-2024-20359: Frequently Asked Questions About ArcaneDoor 1 month, 1 week ago | www.tenable.com

adaptive security arcanedoor blog called +15

CVE-2024-4040: CrushFTP Virtual File System (VFS) Sandbox Escape Vulnerability Exploited 1 month, 1 week ago | www.tenable.com

advisory april crushftp customers +23

Oracle April 2024 Critical Patch Update Addresses 239 CVEs 1 month, 2 weeks ago | www.tenable.com

addresses april cpu critical +12

CVE-2024-3400: Zero-Day Vulnerability in Palo Alto Networks PAN-OS GlobalProtect Gateway Exploited in the Wild 1 month, 2 weeks ago | www.tenable.com

alto april attacks command +25

Microsoft’s April 2024 Patch Tuesday Addresses 147 CVEs (CVE-2024-29988) 1 month, 3 weeks ago | www.tenable.com

addresses april critical critical vulnerabilities +13

Frequently Asked Questions About CVE-2024-3094, A Backdoor in XZ Utils 2 months ago | www.tenable.com

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland

View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City

View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL

View on infosec-jobs.com

Sr. Product Manager

@ MixMode | Remote, US

View on infosec-jobs.com

Corporate Intern - Information Security (Year Round)

@ Associated Bank | US WI Remote

View on infosec-jobs.com

Senior Offensive Security Engineer

@ CoStar Group | US-DC Washington, DC

View on infosec-jobs.com