We found results for “”
CVE-2023-4863
Good to know:
Date: September 12, 2023
Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical)
Language: RUST
Severity Score
Related Resources (79)
Severity Score
Weakness Type (CWE)
Out-of-bounds Write
CWE-787Top Fix
Upgrade Version
Upgrade to version Pillow - 10.0.1, SkiaSharp - 2.88.6, libwebp-sys - 0.9.3, libwebp-sys, webp - 0.2.62 - 0.1.8, electron - 22.3.24,24.8.3,25.8.1,26.2.1,27.0.0-beta.2
CVSS v3.1
Base Score: |
|
---|---|
Attack Vector (AV): | NETWORK |
Attack Complexity (AC): | LOW |
Privileges Required (PR): | NONE |
User Interaction (UI): | REQUIRED |
Scope (S): | UNCHANGED |
Confidentiality (C): | HIGH |
Integrity (I): | HIGH |
Availability (A): | HIGH |