CVE-2023-4863 - Google Chromium WebP Heap-Based Buffer Overflow Vulnerability
CVE-2023-4863
Google | Chromium WebP
- Date Added:
- 2023-09-13
- Due Date:
- 2023-10-04
- Vulnerability Name
Google Chromium WebP Heap-Based Buffer Overflow Vulnerability
- Description
Google Chromium WebP contains a heap-based buffer overflow vulnerability that allows a remote attacker to perform an out-of-bounds memory write via a crafted HTML page. This vulnerability can affect applications that use the WebP Codec.
- Known To Be Used in Ransomware Campaigns?
Unknown
- Action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
- Additional Notes
- https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_11.html?m=1; https://nvd.nist.gov/vuln/detail/CVE-2023-4863
Free security scan for your website