What is CVE-2023-4863? Google's libwebp at risk | UpGuard

Source: www.upguard.com

What is CVE-2023-4863? Google's libwebp at risk | UpGuard
WebP is an open-source image format developed by Google. The [.rt-script]libwebp[.rt-script] package, released by Google, encodes and decodes images in WebP format and is used widely across the internet for lossless image compression. The image parsing library [.rt-script]libwebp[.rt-script] is the core of the recently identified https://nvd.nist.gov/vuln/detail/CVE-2023-4863 heap buffer overflow vulnerability and zero-day exploit that impacts Google Chrome and other Chromium-based browsers for Windows, macOS, and Linux, as well as any software or web application that uses the [.rt-script]libwebp[.rt-script] library. CVE-2023-4863 is a zero-day vulnerability that allows for remote code execution and out-of-bounds write through a buffer overflow attack.

Because of how the WebP Codec provides support for web images, a heap overflow vulnerability permits exploitation of WebP image provisions.
Read Full Article On www.upguard.com
Achieve superior email deliverability with ToastMail! Our AI-driven tool warms up inboxes, monitors reputation, and ensures emails reach their intended destination. Sign up today for a spam-free future.

Related Articles

Community Partners
CrowdSec
Autonomous.ai | Best Standing Desks & Ergonomic Office Chairs

Digital Ocean

CloudWays

Become a Partner?
DevOps Careers
    • Add a Job?