{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-4863", "assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", "state": "PUBLISHED", "assignerShortName": "Chrome", "dateReserved": "2023-09-09T01:02:58.312Z", "datePublished": "2023-09-12T14:24:59.275Z", "dateUpdated": "2024-08-19T07:48:10.265Z"}, "containers": {"cna": {"affected": [{"vendor": "Google", "product": "Chrome", "versions": [{"version": "116.0.5845.187", "status": "affected", "lessThan": "116.0.5845.187", "versionType": "custom"}]}, {"vendor": "Google", "product": "libwebp", "versions": [{"version": "1.3.2", "status": "affected", "lessThan": "1.3.2", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical)"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "Heap buffer overflow"}]}], "providerMetadata": {"orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", "shortName": "Chrome", "dateUpdated": "2023-11-06T23:12:29.399Z"}, "references": [{"url": "https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_11.html"}, {"url": "https://crbug.com/1479274"}, {"url": "https://en.bandisoft.com/honeyview/history/"}, {"url": "https://stackdiary.com/critical-vulnerability-in-webp-codec-cve-2023-4863/"}, {"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-40/"}, {"url": "https://github.com/webmproject/libwebp/commit/902bc9190331343b2017211debcec8d2ab87e17a"}, {"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-4863"}, {"url": "https://security-tracker.debian.org/tracker/CVE-2023-4863"}, {"url": "https://bugzilla.suse.com/show_bug.cgi?id=1215231"}, {"url": "https://news.ycombinator.com/item?id=37478403"}, {"url": "https://www.bleepingcomputer.com/news/google/google-fixes-another-chrome-zero-day-bug-exploited-in-attacks/"}, {"url": "https://www.debian.org/security/2023/dsa-5496"}, {"url": "https://www.debian.org/security/2023/dsa-5497"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OZDGWWMJREPAGKWCJKSCM4WYLANSKIFX/"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FYYKLG6CRGEDTNRBSU26EEWAO6D6U645/"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PYZV7TMKF4QHZ54SFJX54BDN52VHGGCX/"}, {"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00015.html"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WHOLML7N2G5KCAZXFWC5IDFFHSQS5SDB/"}, {"url": "https://www.debian.org/security/2023/dsa-5498"}, {"url": "https://security.gentoo.org/glsa/202309-05"}, {"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00016.html"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T655QF7CQ3DYAMPFV7IECQYGDEUIVVT/"}, {"url": "https://adamcaudill.com/2023/09/14/whose-cve-is-it-anyway/"}, {"url": "https://github.com/webmproject/libwebp/releases/tag/v1.3.2"}, {"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00017.html"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KUQ7CTX3W372X3UY56VVNAHCH6H2F4X3/"}, {"url": "http://www.openwall.com/lists/oss-security/2023/09/21/4"}, {"url": "https://blog.isosceles.com/the-webp-0day/"}, {"url": "http://www.openwall.com/lists/oss-security/2023/09/22/1"}, {"url": "http://www.openwall.com/lists/oss-security/2023/09/22/3"}, {"url": "http://www.openwall.com/lists/oss-security/2023/09/22/4"}, {"url": "http://www.openwall.com/lists/oss-security/2023/09/22/5"}, {"url": "http://www.openwall.com/lists/oss-security/2023/09/22/8"}, {"url": "http://www.openwall.com/lists/oss-security/2023/09/22/7"}, {"url": "http://www.openwall.com/lists/oss-security/2023/09/22/6"}, {"url": "http://www.openwall.com/lists/oss-security/2023/09/26/1"}, {"url": "http://www.openwall.com/lists/oss-security/2023/09/26/7"}, {"url": "http://www.openwall.com/lists/oss-security/2023/09/28/1"}, {"url": "http://www.openwall.com/lists/oss-security/2023/09/28/2"}, {"url": "http://www.openwall.com/lists/oss-security/2023/09/28/4"}, {"url": "https://security.netapp.com/advisory/ntap-20230929-0011/"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTRUIS3564P7ZLM2S2IH4Y4KZ327LI4I/"}, {"url": "https://sethmlarson.dev/security-developer-in-residence-weekly-report-16"}, {"url": "https://www.bentley.com/advisories/be-2023-0001/"}, {"url": "https://security.gentoo.org/glsa/202401-10"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-19T07:48:10.265Z"}, "title": "CVE Program Container", "references": [{"url": "https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_11.html", "tags": ["x_transferred"]}, {"url": "https://crbug.com/1479274", "tags": ["x_transferred"]}, {"url": "https://en.bandisoft.com/honeyview/history/", "tags": ["x_transferred"]}, {"url": "https://stackdiary.com/critical-vulnerability-in-webp-codec-cve-2023-4863/", "tags": ["x_transferred"]}, {"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-40/", "tags": ["x_transferred"]}, {"url": "https://github.com/webmproject/libwebp/commit/902bc9190331343b2017211debcec8d2ab87e17a", "tags": ["x_transferred"]}, {"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-4863", "tags": ["x_transferred"]}, {"url": "https://security-tracker.debian.org/tracker/CVE-2023-4863", "tags": ["x_transferred"]}, {"url": "https://bugzilla.suse.com/show_bug.cgi?id=1215231", "tags": ["x_transferred"]}, {"url": "https://news.ycombinator.com/item?id=37478403", "tags": ["x_transferred"]}, {"url": "https://www.bleepingcomputer.com/news/google/google-fixes-another-chrome-zero-day-bug-exploited-in-attacks/", "tags": ["x_transferred"]}, {"url": "https://www.debian.org/security/2023/dsa-5496", "tags": ["x_transferred"]}, {"url": "https://www.debian.org/security/2023/dsa-5497", "tags": ["x_transferred"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OZDGWWMJREPAGKWCJKSCM4WYLANSKIFX/", "tags": ["x_transferred"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FYYKLG6CRGEDTNRBSU26EEWAO6D6U645/", "tags": ["x_transferred"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PYZV7TMKF4QHZ54SFJX54BDN52VHGGCX/", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00015.html", "tags": ["x_transferred"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WHOLML7N2G5KCAZXFWC5IDFFHSQS5SDB/", "tags": ["x_transferred"]}, {"url": "https://www.debian.org/security/2023/dsa-5498", "tags": ["x_transferred"]}, {"url": "https://security.gentoo.org/glsa/202309-05", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00016.html", "tags": ["x_transferred"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T655QF7CQ3DYAMPFV7IECQYGDEUIVVT/", "tags": ["x_transferred"]}, {"url": "https://adamcaudill.com/2023/09/14/whose-cve-is-it-anyway/", "tags": ["x_transferred"]}, {"url": "https://github.com/webmproject/libwebp/releases/tag/v1.3.2", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00017.html", "tags": ["x_transferred"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KUQ7CTX3W372X3UY56VVNAHCH6H2F4X3/", "tags": ["x_transferred"]}, {"url": "http://www.openwall.com/lists/oss-security/2023/09/21/4", "tags": ["x_transferred"]}, {"url": "https://blog.isosceles.com/the-webp-0day/", "tags": ["x_transferred"]}, {"url": "http://www.openwall.com/lists/oss-security/2023/09/22/1", "tags": ["x_transferred"]}, {"url": "http://www.openwall.com/lists/oss-security/2023/09/22/3", "tags": ["x_transferred"]}, {"url": "http://www.openwall.com/lists/oss-security/2023/09/22/4", "tags": ["x_transferred"]}, {"url": "http://www.openwall.com/lists/oss-security/2023/09/22/5", "tags": ["x_transferred"]}, {"url": "http://www.openwall.com/lists/oss-security/2023/09/22/8", "tags": ["x_transferred"]}, {"url": "http://www.openwall.com/lists/oss-security/2023/09/22/7", "tags": ["x_transferred"]}, {"url": "http://www.openwall.com/lists/oss-security/2023/09/22/6", "tags": ["x_transferred"]}, {"url": "http://www.openwall.com/lists/oss-security/2023/09/26/1", "tags": ["x_transferred"]}, {"url": "http://www.openwall.com/lists/oss-security/2023/09/26/7", "tags": ["x_transferred"]}, {"url": "http://www.openwall.com/lists/oss-security/2023/09/28/1", "tags": ["x_transferred"]}, {"url": "http://www.openwall.com/lists/oss-security/2023/09/28/2", "tags": ["x_transferred"]}, {"url": "http://www.openwall.com/lists/oss-security/2023/09/28/4", "tags": ["x_transferred"]}, {"url": "https://security.netapp.com/advisory/ntap-20230929-0011/", "tags": ["x_transferred"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTRUIS3564P7ZLM2S2IH4Y4KZ327LI4I/", "tags": ["x_transferred"]}, {"url": "https://sethmlarson.dev/security-developer-in-residence-weekly-report-16", "tags": ["x_transferred"]}, {"url": "https://www.bentley.com/advisories/be-2023-0001/", "tags": ["x_transferred"]}, {"url": "https://security.gentoo.org/glsa/202401-10", "tags": ["x_transferred"]}, {"url": "https://www.vicarius.io/vsociety/posts/zero-day-webp-vulnerability-cve-2023-4863"}]}]}}

{}

{"cisaActionDue": "2023-10-04", "cisaExploitAdd": "2023-09-13", "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "cisaVulnerabilityName": "Google Chromium WebP Heap-Based Buffer Overflow Vulnerability", "configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", "matchCriteriaId": "856C1821-5D22-4A4E-859D-8F5305255AB7", "versionEndExcluding": "116.0.5845.187", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", "matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D", "vulnerable": true}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", "matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9", "vulnerable": true}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*", "matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", "matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*", "matchCriteriaId": "46D69DCC-AE4D-4EA5-861C-D60951444C6C", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "matchCriteriaId": "54A821DA-91BA-454E-BC32-2152CD7989AE", "versionEndExcluding": "117.0.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*", "matchCriteriaId": "F5CB1076-9147-44A4-B32F-86841DEB85DA", "versionEndExcluding": "102.15.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*", "matchCriteriaId": "D288632E-E2D5-4319-BE74-882D71D699C2", "versionEndExcluding": "115.2.1", "versionStartIncluding": "115.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "matchCriteriaId": "A073724D-52BD-4426-B58D-7A8BD24B8F8E", "versionEndExcluding": "102.15.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "matchCriteriaId": "952BEC0C-2DB0-476A-AF62-1269F8635B4A", "versionEndExcluding": "115.2.2", "versionStartIncluding": "115.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:microsoft:edge:*:*:*:*:*:*:*:*", "matchCriteriaId": "49AFFE24-5E30-46A4-A3AE-13D8EB15DE91", "versionEndExcluding": "117.0.2045.31", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:edge_chromium:*:*:*:*:*:*:*:*", "matchCriteriaId": "B743C4A7-9C0F-49F3-B94E-F837F19164E2", "versionEndExcluding": "117.0.5938.62", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:teams:1.6.00.26463:*:*:*:*:macos:*:*", "matchCriteriaId": "AB030595-AF08-4FA1-819D-AC8F4AF36D20", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:teams:1.6.00.26474:*:*:*:*:desktop:*:*", "matchCriteriaId": "4260DF96-DB1A-4E91-BE70-DE05424FF883", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:webp_image_extension:1.0.62681.0:*:*:*:*:*:*:*", "matchCriteriaId": "99B1FD6D-F6BA-4992-BD0C-3B2A327F00BE", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:webmproject:libwebp:*:*:*:*:*:*:*:*", "matchCriteriaId": "2804DDE4-B0A4-4B7F-A318-F491B6316B34", "versionEndExcluding": "1.3.2", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*", "matchCriteriaId": "3A756737-1CC4-42C2-A4DF-E1C893B4E2D5", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:bentley:seequent_leapfrog:*:*:*:*:*:*:*:*", "matchCriteriaId": "E50A797C-2C6C-46A5-A9D0-8CD877EBA3CD", "versionEndExcluding": "2023.2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical)"}, {"lang": "es", "value": "El desbordamiento del b\u00fafer de memoria en libwebp en Google Chrome anterior a 116.0.5845.187 y libwebp 1.3.2 permit\u00eda a un atacante remoto realizar una escritura en memoria fuera de los l\u00edmites a trav\u00e9s de una p\u00e1gina HTML manipulada. (Severidad de seguridad de Chromium: cr\u00edtica)"}], "id": "CVE-2023-4863", "lastModified": "2024-07-31T18:19:23.710", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-09-12T15:15:24.327", "references": [{"source": "chrome-cve-admin@google.com", "tags": ["Mailing List"], "url": "http://www.openwall.com/lists/oss-security/2023/09/21/4"}, {"source": "chrome-cve-admin@google.com", "tags": ["Mailing List"], "url": "http://www.openwall.com/lists/oss-security/2023/09/22/1"}, {"source": "chrome-cve-admin@google.com", "tags": ["Mailing List"], "url": "http://www.openwall.com/lists/oss-security/2023/09/22/3"}, {"source": "chrome-cve-admin@google.com", "tags": ["Mailing List"], "url": "http://www.openwall.com/lists/oss-security/2023/09/22/4"}, {"source": "chrome-cve-admin@google.com", "tags": ["Mailing List"], "url": "http://www.openwall.com/lists/oss-security/2023/09/22/5"}, {"source": "chrome-cve-admin@google.com", "tags": ["Mailing List"], "url": "http://www.openwall.com/lists/oss-security/2023/09/22/6"}, {"source": "chrome-cve-admin@google.com", "tags": ["Mailing List"], "url": "http://www.openwall.com/lists/oss-security/2023/09/22/7"}, {"source": "chrome-cve-admin@google.com", "tags": ["Mailing List"], "url": "http://www.openwall.com/lists/oss-security/2023/09/22/8"}, {"source": "chrome-cve-admin@google.com", "tags": ["Mailing List"], "url": "http://www.openwall.com/lists/oss-security/2023/09/26/1"}, {"source": "chrome-cve-admin@google.com", "tags": ["Mailing List"], "url": "http://www.openwall.com/lists/oss-security/2023/09/26/7"}, {"source": "chrome-cve-admin@google.com", "tags": ["Mailing List"], "url": "http://www.openwall.com/lists/oss-security/2023/09/28/1"}, {"source": "chrome-cve-admin@google.com", "tags": ["Mailing List"], "url": "http://www.openwall.com/lists/oss-security/2023/09/28/2"}, {"source": "chrome-cve-admin@google.com", "tags": ["Mailing List"], "url": "http://www.openwall.com/lists/oss-security/2023/09/28/4"}, {"source": "chrome-cve-admin@google.com", "tags": ["Third Party Advisory"], "url": "https://adamcaudill.com/2023/09/14/whose-cve-is-it-anyway/"}, {"source": "chrome-cve-admin@google.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://blog.isosceles.com/the-webp-0day/"}, {"source": "chrome-cve-admin@google.com", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "https://bugzilla.suse.com/show_bug.cgi?id=1215231"}, {"source": "chrome-cve-admin@google.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_11.html"}, {"source": "chrome-cve-admin@google.com", "tags": ["Issue Tracking", "Permissions Required", "Vendor Advisory"], "url": "https://crbug.com/1479274"}, {"source": "chrome-cve-admin@google.com", "tags": ["Release Notes", "Third Party Advisory"], "url": "https://en.bandisoft.com/honeyview/history/"}, {"source": "chrome-cve-admin@google.com", "tags": ["Patch"], "url": "https://github.com/webmproject/libwebp/commit/902bc9190331343b2017211debcec8d2ab87e17a"}, {"source": "chrome-cve-admin@google.com", "tags": ["Release Notes"], "url": "https://github.com/webmproject/libwebp/releases/tag/v1.3.2"}, {"source": "chrome-cve-admin@google.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00015.html"}, {"source": "chrome-cve-admin@google.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00016.html"}, {"source": "chrome-cve-admin@google.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00017.html"}, {"source": "chrome-cve-admin@google.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T655QF7CQ3DYAMPFV7IECQYGDEUIVVT/"}, {"source": "chrome-cve-admin@google.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FYYKLG6CRGEDTNRBSU26EEWAO6D6U645/"}, {"source": "chrome-cve-admin@google.com", "tags": ["Mailing List", "Release Notes"], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KUQ7CTX3W372X3UY56VVNAHCH6H2F4X3/"}, {"source": "chrome-cve-admin@google.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OZDGWWMJREPAGKWCJKSCM4WYLANSKIFX/"}, {"source": "chrome-cve-admin@google.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PYZV7TMKF4QHZ54SFJX54BDN52VHGGCX/"}, {"source": "chrome-cve-admin@google.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WHOLML7N2G5KCAZXFWC5IDFFHSQS5SDB/"}, {"source": "chrome-cve-admin@google.com", "tags": ["Mailing List", "Release Notes"], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTRUIS3564P7ZLM2S2IH4Y4KZ327LI4I/"}, {"source": "chrome-cve-admin@google.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-4863"}, {"source": "chrome-cve-admin@google.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://news.ycombinator.com/item?id=37478403"}, {"source": "chrome-cve-admin@google.com", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "https://security-tracker.debian.org/tracker/CVE-2023-4863"}, {"source": "chrome-cve-admin@google.com", "tags": ["Third Party Advisory"], "url": "https://security.gentoo.org/glsa/202309-05"}, {"source": "chrome-cve-admin@google.com", "tags": ["Third Party Advisory"], "url": "https://security.gentoo.org/glsa/202401-10"}, {"source": "chrome-cve-admin@google.com", "tags": ["Third Party Advisory"], "url": "https://security.netapp.com/advisory/ntap-20230929-0011/"}, {"source": "chrome-cve-admin@google.com", "tags": ["Exploit"], "url": "https://sethmlarson.dev/security-developer-in-residence-weekly-report-16"}, {"source": "chrome-cve-admin@google.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://stackdiary.com/critical-vulnerability-in-webp-codec-cve-2023-4863/"}, {"source": "chrome-cve-admin@google.com", "tags": ["Third Party Advisory"], "url": "https://www.bentley.com/advisories/be-2023-0001/"}, {"source": "chrome-cve-admin@google.com", "tags": ["Third Party Advisory"], "url": "https://www.bleepingcomputer.com/news/google/google-fixes-another-chrome-zero-day-bug-exploited-in-attacks/"}, {"source": "chrome-cve-admin@google.com", "tags": ["Third Party Advisory"], "url": "https://www.debian.org/security/2023/dsa-5496"}, {"source": "chrome-cve-admin@google.com", "tags": ["Third Party Advisory"], "url": "https://www.debian.org/security/2023/dsa-5497"}, {"source": "chrome-cve-admin@google.com", "tags": ["Third Party Advisory"], "url": "https://www.debian.org/security/2023/dsa-5498"}, {"source": "chrome-cve-admin@google.com", "tags": ["Third Party Advisory"], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-40/"}], "sourceIdentifier": "chrome-cve-admin@google.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2023:5191", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "thunderbird-0:102.15.1-1.el7_9", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2023-09-18T00:00:00Z"}, {"advisory": "RHSA-2023:5197", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "firefox-0:102.15.1-1.el7_9", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2023-09-18T00:00:00Z"}, {"advisory": "RHSA-2023:5184", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "firefox-0:102.15.1-1.el8_8", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2023-09-18T00:00:00Z"}, {"advisory": "RHSA-2023:5201", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "thunderbird-0:102.15.1-1.el8_8", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2023-09-18T00:00:00Z"}, {"advisory": "RHSA-2023:5309", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "libwebp-0:1.0.0-8.el8_8.1", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2023-09-20T00:00:00Z"}, {"advisory": "RHSA-2023:5183", "cpe": "cpe:/a:redhat:rhel_e4s:8.1", "package": "firefox-0:102.15.1-1.el8_1", "product_name": "Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions", "release_date": "2023-09-18T00:00:00Z"}, {"advisory": "RHSA-2023:5188", "cpe": "cpe:/a:redhat:rhel_e4s:8.1", "package": "thunderbird-0:102.15.1-1.el8_1", "product_name": "Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions", "release_date": "2023-09-18T00:00:00Z"}, {"advisory": "RHSA-2023:5236", "cpe": "cpe:/a:redhat:rhel_e4s:8.1", "package": "libwebp-0:1.0.0-5.2.el8_1.1", "product_name": "Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions", "release_date": "2023-09-19T00:00:00Z"}, {"advisory": "RHSA-2023:5186", "cpe": "cpe:/a:redhat:rhel_aus:8.2", "package": "thunderbird-0:102.15.1-1.el8_2", "product_name": "Red Hat Enterprise Linux 8.2 Advanced Update Support", "release_date": "2023-09-18T00:00:00Z"}, {"advisory": "RHSA-2023:5187", "cpe": "cpe:/a:redhat:rhel_aus:8.2", "package": "firefox-0:102.15.1-1.el8_2", "product_name": "Red Hat Enterprise Linux 8.2 Advanced Update Support", "release_date": "2023-09-18T00:00:00Z"}, {"advisory": "RHSA-2023:5190", "cpe": "cpe:/a:redhat:rhel_aus:8.2", "package": "libwebp-0:1.0.0-7.el8_2.1", "product_name": "Red Hat Enterprise Linux 8.2 Advanced Update Support", "release_date": "2023-09-18T00:00:00Z"}, {"advisory": "RHSA-2023:5186", "cpe": "cpe:/a:redhat:rhel_tus:8.2", "package": "thunderbird-0:102.15.1-1.el8_2", "product_name": "Red Hat Enterprise Linux 8.2 Telecommunications Update Service", "release_date": "2023-09-18T00:00:00Z"}, {"advisory": "RHSA-2023:5187", "cpe": "cpe:/a:redhat:rhel_tus:8.2", "package": "firefox-0:102.15.1-1.el8_2", "product_name": "Red Hat Enterprise Linux 8.2 Telecommunications Update Service", "release_date": "2023-09-18T00:00:00Z"}, {"advisory": "RHSA-2023:5190", "cpe": "cpe:/a:redhat:rhel_tus:8.2", "package": "libwebp-0:1.0.0-7.el8_2.1", "product_name": "Red Hat Enterprise Linux 8.2 Telecommunications Update Service", "release_date": "2023-09-18T00:00:00Z"}, {"advisory": "RHSA-2023:5186", "cpe": "cpe:/a:redhat:rhel_e4s:8.2", "package": "thunderbird-0:102.15.1-1.el8_2", "product_name": "Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions", "release_date": "2023-09-18T00:00:00Z"}, {"advisory": "RHSA-2023:5187", "cpe": "cpe:/a:redhat:rhel_e4s:8.2", "package": "firefox-0:102.15.1-1.el8_2", "product_name": "Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions", "release_date": "2023-09-18T00:00:00Z"}, {"advisory": "RHSA-2023:5190", "cpe": "cpe:/a:redhat:rhel_e4s:8.2", "package": "libwebp-0:1.0.0-7.el8_2.1", "product_name": "Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions", "release_date": "2023-09-18T00:00:00Z"}, {"advisory": "RHSA-2023:5185", "cpe": "cpe:/a:redhat:rhel_aus:8.4", "package": "thunderbird-0:102.15.1-1.el8_4", "product_name": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support", "release_date": "2023-09-18T00:00:00Z"}, {"advisory": "RHSA-2023:5192", "cpe": "cpe:/a:redhat:rhel_aus:8.4", "package": "firefox-0:102.15.1-1.el8_4", "product_name": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support", "release_date": "2023-09-18T00:00:00Z"}, {"advisory": "RHSA-2023:5222", "cpe": "cpe:/a:redhat:rhel_aus:8.4", "package": "libwebp-0:1.0.0-7.el8_4.1", "product_name": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support", "release_date": "2023-09-19T00:00:00Z"}, {"advisory": "RHSA-2023:5185", "cpe": "cpe:/a:redhat:rhel_tus:8.4", "package": "thunderbird-0:102.15.1-1.el8_4", "product_name": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service", "release_date": "2023-09-18T00:00:00Z"}, {"advisory": "RHSA-2023:5192", "cpe": "cpe:/a:redhat:rhel_tus:8.4", "package": "firefox-0:102.15.1-1.el8_4", "product_name": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service", "release_date": "2023-09-18T00:00:00Z"}, {"advisory": "RHSA-2023:5222", "cpe": "cpe:/a:redhat:rhel_tus:8.4", "package": "libwebp-0:1.0.0-7.el8_4.1", "product_name": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service", "release_date": "2023-09-19T00:00:00Z"}, {"advisory": "RHSA-2023:5185", "cpe": "cpe:/a:redhat:rhel_e4s:8.4", "package": "thunderbird-0:102.15.1-1.el8_4", "product_name": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions", "release_date": "2023-09-18T00:00:00Z"}, {"advisory": "RHSA-2023:5192", "cpe": "cpe:/a:redhat:rhel_e4s:8.4", "package": "firefox-0:102.15.1-1.el8_4", "product_name": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions", "release_date": "2023-09-18T00:00:00Z"}, {"advisory": "RHSA-2023:5222", "cpe": "cpe:/a:redhat:rhel_e4s:8.4", "package": "libwebp-0:1.0.0-7.el8_4.1", "product_name": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions", "release_date": "2023-09-19T00:00:00Z"}, {"advisory": "RHSA-2023:5189", "cpe": "cpe:/a:redhat:rhel_eus:8.6", "package": "libwebp-0:1.0.0-7.el8_6.1", "product_name": "Red Hat Enterprise Linux 8.6 Extended Update Support", "release_date": "2023-09-18T00:00:00Z"}, {"advisory": "RHSA-2023:5198", "cpe": "cpe:/a:redhat:rhel_eus:8.6", "package": "firefox-0:102.15.1-1.el8_6", "product_name": "Red Hat Enterprise Linux 8.6 Extended Update Support", "release_date": "2023-09-18T00:00:00Z"}, {"advisory": "RHSA-2023:5202", "cpe": "cpe:/a:redhat:rhel_eus:8.6", "package": "thunderbird-0:102.15.1-1.el8_6", "product_name": "Red Hat Enterprise Linux 8.6 Extended Update Support", "release_date": "2023-09-18T00:00:00Z"}, {"advisory": "RHSA-2023:5200", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "firefox-0:102.15.1-1.el9_2", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2023-09-18T00:00:00Z"}, {"advisory": "RHSA-2023:5214", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "libwebp-0:1.2.0-7.el9_2", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2023-09-19T00:00:00Z"}, {"advisory": "RHSA-2023:5224", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "thunderbird-0:102.15.1-1.el9_2", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2023-09-19T00:00:00Z"}, {"advisory": "RHSA-2023:5204", "cpe": "cpe:/a:redhat:rhel_eus:9.0", "package": "libwebp-0:1.2.0-6.el9_0", "product_name": "Red Hat Enterprise Linux 9.0 Extended Update Support", "release_date": "2023-09-18T00:00:00Z"}, {"advisory": "RHSA-2023:5205", "cpe": "cpe:/a:redhat:rhel_eus:9.0", "package": "firefox-0:102.15.1-1.el9_0", "product_name": "Red Hat Enterprise Linux 9.0 Extended Update Support", "release_date": "2023-09-18T00:00:00Z"}, {"advisory": "RHSA-2023:5223", "cpe": "cpe:/a:redhat:rhel_eus:9.0", "package": "thunderbird-0:102.15.1-1.el9_0", "product_name": "Red Hat Enterprise Linux 9.0 Extended Update Support", "release_date": "2023-09-19T00:00:00Z"}], "bugzilla": {"description": "libwebp: Heap buffer overflow in WebP Codec", "id": "2238431", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2238431"}, "csaw": true, "cvss3": {"cvss3_base_score": "9.6", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "status": "verified"}, "cwe": "CWE-122", "details": ["Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical)", "A heap-based buffer flaw was found in the way libwebp, a library used to process \"WebP\" image format data, processes certain specially formatted WebP images. An attacker could use this flaw to crash or execute remotely arbitrary code in an application such as a web browser compiled with this library."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2023-4863", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "firefox", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "libwebp", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "firefox:flatpak/firefox", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "thunderbird:flatpak/thunderbird", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2023-09-11T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2023-4863\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-4863\nhttps://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_12.html\nhttps://stackdiary.com/critical-vulnerability-in-webp-codec-cve-2023-4863/\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2023-40/\nhttps://www.cisa.gov/known-exploited-vulnerabilities-catalog"], "statement": "This security issue has been classified as having an Important security impact. Desktop users are at a high risk of exploitation of this flaw with very minimal interaction. It may compromise the confidentiality, integrity, or availability of resources.\nCustomers using this application, which does server-side image processing by linking to the libwebp library, are also potentially impacted by this flaw and are advised to update to the fixed versions of the package.", "threat_severity": "Important"}