Skip Navigation
Is Boost for Lemmy vulnerable to the webp exploit?
  • Not really, just temporarily not using apps where random people can post images that are not re-encoded. Turns out this is very few apps, but sadly every lemmy app falls under this category.

  • Is Boost for Lemmy vulnerable to the webp exploit?

    What version of libwebp does Boost use and if it is currently vulnerable, when can we expect an update to fix this issue? The affected versions of libwebp are 0.5.0 to 1.3.1.

    17
    InitialsDiceBearhttps://github.com/dicebear/dicebearhttps://creativecommons.org/publicdomain/zero/1.0/„Initials” (https://github.com/dicebear/dicebear) by „DiceBear”, licensed under „CC0 1.0” (https://creativecommons.org/publicdomain/zero/1.0/)DU
    DungFu @lemmy.world
    Posts 1
    Comments 2