Closed Vigneshwaran082 closed 12 months ago
"From the file 'WebpRiffHandler.java', it appears that this project is using the libwebp library indirectly. Is there any plan to upgrade this library, as 'libwebp' has a high-security vulnerability?" [https://nvd.nist.gov/vuln/detail/CVE-2023-4863]
We aren't using that library:
https://github.com/drewnoakes/metadata-extractor/blob/master/Source/com/drew/metadata/webp/WebpRiffHandler.java
An I missing something?
I don't see any action to take here, so closing.
"From the file 'WebpRiffHandler.java', it appears that this project is using the libwebp library indirectly. Is there any plan to upgrade this library, as 'libwebp' has a high-security vulnerability?" [https://nvd.nist.gov/vuln/detail/CVE-2023-4863]