2023: Security Advisory: libwebp Heap buffer overflow
Summary | A critical vulnerability has been found in the libwebp library for processing graphics in WebP format, which allows information to be written to memory using buffer overflow. |
Advisory release date | Sep 12, 2023 |
Product |
|
CVE | CVE-2023-4863 |
Severity
CVSS Baser score 8.8 HIGH
Â
Summary of Vulnerability
Heap buffer overflow in libwebp library in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page.
Impact
NT-ware IT Operations and the Development teams have reviewed our products and services and concluded that we are not impacted by these CVE’s. We are not using this library in any of our products or web services.
Â
Â