Closed Cyborgscode closed 4 months ago
The shortcoming, assigned the identifier CVE-2023-4863, is a heap buffer overflow flaw in the WebP image format that could result in arbitrary code execution when processing a specially crafted image.
URL : http://webmproject.org/ Summary : Library and tools for the WebP graphics format Description : WebP is an image format that does lossy compression of digital photographic images. WebP consists of a codec based on VP8, and a container based on RIFF. Webmasters, web developers and browser developers can use WebP to compress, archive and distribute digital images more efficiently.
Update Information:
ChangeLog:
there is more than one bug to fix here.
This issue is stale because it has been open 150 days with no activity. Remove stale label or comment or this will be closed in 14 days.
Fixed through backported electron security fixes.
all major browser- and electronbased apps need an update due to a bug in the libwebp-library.
Chromium and Electron have already supplied patches.
There is no CVE available for this.
When you are on it, the not working first-call - issue is a real bugger in real life.