CVE-2023-4863
| CVE Published | 2023-09-12 |
|---|---|
| Related CWE(s) | CWE-787: Out-of-bounds Write |
| Related Vendor(s) | netapp, fedoraproject, microsoft, webmproject, mozilla, google, debian, bentley |
| Related Product(s) | fedora, chrome, active_iq_unified_manager, webp_image_extension, edge, libwebp, thunderbird, debian_linux, firefox, teams, seequent_leapfrog, edge_chromium, firefox_esr |
| Exploitation Reported (CISA KEV) | 2023-09-13 |
| CVSS 3 Base Score | 8.8 (HIGH) |
| CVSS 3 Attack Complexity | LOW |
| CVSS 3 Attack Vector | NETWORK |
Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical)
Cyber Threat Graph Context
Explore how this CVE relates to the wider threat graph
Threat Reports Related to CVE-2023-4863
Report
We're All in this Together - A Year in Review of Zero-Days Exploited In-the-Wild in 2023
This report from Mandiant and Google Threat Analysis Group (TAG) presents combined analysis of zero day vulnerability exploitation in 2023. The ...