{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"cveId": "CVE-2023-5129", "assignerOrgId": "14ed7db2-1595-443d-9d34-6215bf890778", "state": "REJECTED", "assignerShortName": "Google", "dateReserved": "2023-09-22T16:08:02.895Z", "datePublished": "2023-09-25T20:42:25.119Z", "dateUpdated": "2023-09-27T20:39:31.615Z", "dateRejected": "2023-09-27T20:37:35.338Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "14ed7db2-1595-443d-9d34-6215bf890778", "shortName": "Google", "dateUpdated": "2023-09-27T20:39:31.615Z"}, "rejectedReasons": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Duplicate of CVE-2023-4863."}], "value": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.\u00a0Duplicate of CVE-2023-4863."}], "replacedBy": ["CVE-2023-4863"], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.\u00a0Duplicate of CVE-2023-4863."}], "id": "CVE-2023-5129", "lastModified": "2023-11-07T04:23:29.527", "metrics": {}, "published": "2023-09-25T21:15:16.667", "references": [], "sourceIdentifier": "cve-coordination@google.com", "vulnStatus": "Rejected"}

{"affected_release": [{"advisory": "RHSA-2023:5191", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "thunderbird-0:102.15.1-1.el7_9", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2023-09-18T00:00:00Z"}, {"advisory": "RHSA-2023:5197", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "firefox-0:102.15.1-1.el7_9", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2023-09-18T00:00:00Z"}, {"advisory": "RHSA-2023:5184", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "firefox-0:102.15.1-1.el8_8", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2023-09-18T00:00:00Z"}, {"advisory": "RHSA-2023:5201", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "thunderbird-0:102.15.1-1.el8_8", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2023-09-18T00:00:00Z"}, {"advisory": "RHSA-2023:5309", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "libwebp-0:1.0.0-8.el8_8.1", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2023-09-20T00:00:00Z"}, {"advisory": "RHSA-2023:5183", "cpe": "cpe:/a:redhat:rhel_e4s:8.1", "package": "firefox-0:102.15.1-1.el8_1", "product_name": "Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions", "release_date": "2023-09-18T00:00:00Z"}, {"advisory": "RHSA-2023:5188", "cpe": "cpe:/a:redhat:rhel_e4s:8.1", "package": "thunderbird-0:102.15.1-1.el8_1", "product_name": "Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions", "release_date": "2023-09-18T00:00:00Z"}, {"advisory": "RHSA-2023:5236", "cpe": "cpe:/a:redhat:rhel_e4s:8.1", "package": "libwebp-0:1.0.0-5.2.el8_1.1", "product_name": "Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions", "release_date": "2023-09-19T00:00:00Z"}, {"advisory": "RHSA-2023:5186", "cpe": "cpe:/a:redhat:rhel_aus:8.2", "package": "thunderbird-0:102.15.1-1.el8_2", "product_name": "Red Hat Enterprise Linux 8.2 Advanced Update Support", "release_date": "2023-09-18T00:00:00Z"}, {"advisory": "RHSA-2023:5187", "cpe": "cpe:/a:redhat:rhel_aus:8.2", "package": "firefox-0:102.15.1-1.el8_2", "product_name": "Red Hat Enterprise Linux 8.2 Advanced Update Support", "release_date": "2023-09-18T00:00:00Z"}, {"advisory": "RHSA-2023:5190", "cpe": "cpe:/a:redhat:rhel_aus:8.2", "package": "libwebp-0:1.0.0-7.el8_2.1", "product_name": "Red Hat Enterprise Linux 8.2 Advanced Update Support", "release_date": "2023-09-18T00:00:00Z"}, {"advisory": "RHSA-2023:5186", "cpe": "cpe:/a:redhat:rhel_tus:8.2", "package": "thunderbird-0:102.15.1-1.el8_2", "product_name": "Red Hat Enterprise Linux 8.2 Telecommunications Update Service", "release_date": "2023-09-18T00:00:00Z"}, {"advisory": "RHSA-2023:5187", "cpe": "cpe:/a:redhat:rhel_tus:8.2", "package": "firefox-0:102.15.1-1.el8_2", "product_name": "Red Hat Enterprise Linux 8.2 Telecommunications Update Service", "release_date": "2023-09-18T00:00:00Z"}, {"advisory": "RHSA-2023:5190", "cpe": "cpe:/a:redhat:rhel_tus:8.2", "package": "libwebp-0:1.0.0-7.el8_2.1", "product_name": "Red Hat Enterprise Linux 8.2 Telecommunications Update Service", "release_date": "2023-09-18T00:00:00Z"}, {"advisory": "RHSA-2023:5186", "cpe": "cpe:/a:redhat:rhel_e4s:8.2", "package": "thunderbird-0:102.15.1-1.el8_2", "product_name": "Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions", "release_date": "2023-09-18T00:00:00Z"}, {"advisory": "RHSA-2023:5187", "cpe": "cpe:/a:redhat:rhel_e4s:8.2", "package": "firefox-0:102.15.1-1.el8_2", "product_name": "Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions", "release_date": "2023-09-18T00:00:00Z"}, {"advisory": "RHSA-2023:5190", "cpe": "cpe:/a:redhat:rhel_e4s:8.2", "package": "libwebp-0:1.0.0-7.el8_2.1", "product_name": "Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions", "release_date": "2023-09-18T00:00:00Z"}, {"advisory": "RHSA-2023:5185", "cpe": "cpe:/a:redhat:rhel_aus:8.4", "package": "thunderbird-0:102.15.1-1.el8_4", "product_name": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support", "release_date": "2023-09-18T00:00:00Z"}, {"advisory": "RHSA-2023:5192", "cpe": "cpe:/a:redhat:rhel_aus:8.4", "package": "firefox-0:102.15.1-1.el8_4", "product_name": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support", "release_date": "2023-09-18T00:00:00Z"}, {"advisory": "RHSA-2023:5185", "cpe": "cpe:/a:redhat:rhel_tus:8.4", "package": "thunderbird-0:102.15.1-1.el8_4", "product_name": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service", "release_date": "2023-09-18T00:00:00Z"}, {"advisory": "RHSA-2023:5192", "cpe": "cpe:/a:redhat:rhel_tus:8.4", "package": "firefox-0:102.15.1-1.el8_4", "product_name": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service", "release_date": "2023-09-18T00:00:00Z"}, {"advisory": "RHSA-2023:5185", "cpe": "cpe:/a:redhat:rhel_e4s:8.4", "package": "thunderbird-0:102.15.1-1.el8_4", "product_name": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions", "release_date": "2023-09-18T00:00:00Z"}, {"advisory": "RHSA-2023:5192", "cpe": "cpe:/a:redhat:rhel_e4s:8.4", "package": "firefox-0:102.15.1-1.el8_4", "product_name": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions", "release_date": "2023-09-18T00:00:00Z"}, {"advisory": "RHSA-2023:5189", "cpe": "cpe:/a:redhat:rhel_eus:8.6", "package": "libwebp-0:1.0.0-7.el8_6.1", "product_name": "Red Hat Enterprise Linux 8.6 Extended Update Support", "release_date": "2023-09-18T00:00:00Z"}, {"advisory": "RHSA-2023:5198", "cpe": "cpe:/a:redhat:rhel_eus:8.6", "package": "firefox-0:102.15.1-1.el8_6", "product_name": "Red Hat Enterprise Linux 8.6 Extended Update Support", "release_date": "2023-09-18T00:00:00Z"}, {"advisory": "RHSA-2023:5202", "cpe": "cpe:/a:redhat:rhel_eus:8.6", "package": "thunderbird-0:102.15.1-1.el8_6", "product_name": "Red Hat Enterprise Linux 8.6 Extended Update Support", "release_date": "2023-09-18T00:00:00Z"}, {"advisory": "RHSA-2023:5200", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "firefox-0:102.15.1-1.el9_2", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2023-09-18T00:00:00Z"}, {"advisory": "RHSA-2023:5214", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "libwebp-0:1.2.0-7.el9_2", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2023-09-19T00:00:00Z"}, {"advisory": "RHSA-2023:5224", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "thunderbird-0:102.15.1-1.el9_2", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2023-09-19T00:00:00Z"}, {"advisory": "RHSA-2023:5204", "cpe": "cpe:/a:redhat:rhel_eus:9.0", "package": "libwebp-0:1.2.0-6.el9_0", "product_name": "Red Hat Enterprise Linux 9.0 Extended Update Support", "release_date": "2023-09-18T00:00:00Z"}, {"advisory": "RHSA-2023:5205", "cpe": "cpe:/a:redhat:rhel_eus:9.0", "package": "firefox-0:102.15.1-1.el9_0", "product_name": "Red Hat Enterprise Linux 9.0 Extended Update Support", "release_date": "2023-09-18T00:00:00Z"}, {"advisory": "RHSA-2023:5223", "cpe": "cpe:/a:redhat:rhel_eus:9.0", "package": "thunderbird-0:102.15.1-1.el9_0", "product_name": "Red Hat Enterprise Linux 9.0 Extended Update Support", "release_date": "2023-09-19T00:00:00Z"}], "bugzilla": {"description": "libwebp: out-of-bounds write with a specially crafted WebP lossless file", "id": "2240759", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2240759"}, "csaw": false, "cvss3": {"cvss3_base_score": "0.0", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:N", "status": "verified"}, "cwe": "CWE-122", "details": ["This CVE ID has been rejected or withdrawn by its CVE Numbering Authority for the following reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.\u00a0Duplicate of CVE-2023-4863.", "This CVE ID has been rejected by its CVE Numbering Authority. Duplicate of CVE-2023-4863."], "name": "CVE-2023-5129", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "firefox", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "libwebp", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "firefox:flatpak/firefox", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "thunderbird:flatpak/thunderbird", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2023-09-25T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2023-5129\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-5129\nhttps://chromium.googlesource.com/webm/libwebp/+/2af26267cdfcb63a88e5c74a85927a12d6ca1d76\nhttps://chromium.googlesource.com/webm/libwebp/+/902bc9190331343b2017211debcec8d2ab87e17a"], "statement": "This flaw was found to be a duplicate of CVE-2023-4863. Please see https://access.redhat.com/security/cve/CVE-2023-4863 for information about affected products and security errata."}