CVE-2023-4863

Summary

Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical)

Affected Software

VendorProductVersion RangeStatus
GoogleChrome116.0.5845.187 < 116.0.5845.187affected
Googlelibwebp1.3.2 < 1.3.2affected

Weaknesses

  • Heap buffer overflow

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: active
    • Automatable: no
    • Technical Impact: total

Additional References

References