CVE-2023-4863
| CVE Published | 2023-09-12 |
|---|---|
| Related CWE(s) | CWE-787: Out-of-bounds Write |
| Related Vendor(s) | fedoraproject, microsoft, bentley, google, webmproject, netapp, mozilla, debian |
| Related Product(s) | libwebp, thunderbird, active_iq_unified_manager, chrome, firefox_esr, firefox, fedora, edge, debian_linux, seequent_leapfrog |
| Exploitation Reported (CISA KEV) | 2023-09-13 |
| CVSS 3 Base Score | 8.8 (HIGH) |
| CVSS 3 Attack Complexity | LOW |
| CVSS 3 Attack Vector | NETWORK |
Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical)
Cyber Threat Graph Context
Explore how this CVE relates to the wider threat graph
Threat Reports Related to CVE-2023-4863
Report
We're All in this Together - A Year in Review of Zero-Days Exploited In-the-Wild in 2023
This report from Mandiant and Google Threat Analysis Group (TAG) presents combined analysis of zero day vulnerability exploitation in 2023. The ...