Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical)
{ "vanir_signatures": [ { "deprecated": false, "digest": { "line_hashes": [ "20134740730605791402509200455302630941", "136648906070994206943738037015888819806", "232356828012318700083917498119399758794", "37020882375958065571817200082347569363" ], "threshold": 0.9 }, "source": "https://github.com/webmproject/libwebp/commit/902bc9190331343b2017211debcec8d2ab87e17a", "signature_type": "Line", "id": "CVE-2023-4863-3703e29f", "target": { "file": "src/dec/vp8li_dec.h" }, "signature_version": "v1" }, { "deprecated": false, "digest": { "line_hashes": [ "210680425751445647392974712312166516434", "31176131428327197556084923347153299803", "91413042216609002235528185241791249822", "273450130334326004710231764491864605384", "97403937494087092732307438335378299067", "183915759203804892541396210553818051906", "218815111059650688860257620488376646006" ], "threshold": 0.9 }, "source": "https://github.com/webmproject/libwebp/commit/902bc9190331343b2017211debcec8d2ab87e17a", "signature_type": "Line", "id": "CVE-2023-4863-903fc9e4", "target": { "file": "src/utils/huffman_utils.h" }, "signature_version": "v1" }, { "deprecated": false, "digest": { "line_hashes": [ "271948026291282679915020711765944277644", "262252171417285278396190219750969423297", "148769860740082019780466540147402480452", "210145805502744439188840045708050512589", "35045463450424597200053605992676636204", "64766116049401205963382856096159133016", "199857997552244871809490827006375407869", "19508379791752261999511906430439999976", "228171279559466439552632197667773266539", "151576406092307753477191614656856352818", "253045320118918568491627921939403555705", "130445939594778113211731509372766920561", "120076622227917682491764850393839101917", "284362866993109694925581498077114712657", "137003821122577824635294804739146166789", "112588836660070022639592100708547253158", "80951286132688567743133278832665098378", "269574673249262310077259878437192371215", "252443284945298872410908993903016361511", "159257432654087281696134800911303867693", "291750083337732318662709987572573616830", "169088151181716300303842140093765755918", "73550526054077245811164979480865709647", "137425105189849639014823927868322683325", "291243115522035543821384978063358782303", "178642488364606593579676655197420657813", "298358522057652572101438670807195076303", "296404297189211934789742530714505713594", "247530072585474083441594850150604125475", "279560637154054723920761559897853486777", "202655542227860580080550069313697685541", "300383687110456121784217000941022389469", "192297749408518192473170605731069214262", "283940877786059570739337614271542237873", "276748998161991204499405585688807490389", "225298851476652200041146005344964915850", "25926333490899675358408004217915439110", "121271864338623016227831636388829667369", "3261922525234354196880407410666053244", "93490408030208102553449128636581277522", "56169827678954796002461554515733955394", "146434498251422795792724255787630145257", "180061472657521040892563784991030675291", "28456919384561916568486403753570021157", "141591542593831588193439876159158717749", "143026966034998223926469464146658131125", "214863518128816089569328548838396476266", "181159102842818032171371684569701144472", "100549082727312540877472668665834378775", "43581069938430831587912090271434024516", "73651109845734901883398747017515852367", "115445385881407562798806355037454872759", "110463014747451642918800005342832693488", "254069557418689661914117668276367867146", "328830259662328988457898205652053121965", "238858969565005325952513859319399381516", "111234782651036060340979675411769789231", "172081266457316932040744692285306655916", "248566039298899952992969157639115673789", "119985745181292829676238729059280428135", "167694533597920009083942283657848514212", "264725772127853413985386923114761986085", "319322622918909763052091702521534025749", "298957801119027805276587464952973149993", "62837709564002461020449103231436455248", "313049931741831224027067891725458321568", "234345581826703249538457366286627621387", "200300177457112355832449360393082008763", "48551747108970203382132381719056013424", "274300588330689046282791831363004929420", "309105406738991267509915155779836680981", "310052527010005599966394898527644151396" ], "threshold": 0.9 }, "source": "https://github.com/webmproject/libwebp/commit/902bc9190331343b2017211debcec8d2ab87e17a", "signature_type": "Line", "id": "CVE-2023-4863-ccb3931c", "target": { "file": "src/dec/vp8l_dec.c" }, "signature_version": "v1" }, { "deprecated": false, "digest": { "line_hashes": [ "204781606502151800260619611752625644818", "185106167987738524761390329650955829619", "305816608561040735805928812483133554564", "59392845666000361311742466361202540751", "163544756746094738569689619927773583208", "64351449055211388586989071028165712970", "18629077194446828728726317177332368712", "223007749125293494574594639015320091978", "236680345559470387610260309003459465438", "226067468273456595296407121508288106200", "321923281581885145865730435223215193746", "231666192913856095838086834941208983265", "181054860789483302711806005905772321308", "79258257990473166470619511931141812522", "200328652613175569443260201006420835059", "6676361250043582523572721889987948436", "200076656036652498604570028039742429935", "189120569564892762059446620707941915190", "323711977447033501678429042127603698316", "269845760469900685143393871538905460386", "4720203203833394296686175345248656821", "56107595494770414169033152965635542500", "220250410205055553327705516994151907780", "139029986952383583081732583543121227225", "225906645224314157815939602383793184376", "155588090218342557940253942580447666642", "309051081962351778948184717950795815509", "245539949468760808910768168636209190145", "244292944973542475936500071963500771088", "94475619690918640400365047181728977924", "195366773349676590075927548152953695014", "279482347794562642676571009996899462113", "48927683219126065761174863204405289860", "214789503505984548988643500713495921103", "25920949994098500062101683129657787955", "40948343052415876263205953168564566778", "32377182047332644615623785857061877577", "213828181346851087381515831448269560908", "261689318391222986394302351952710236908" ], "threshold": 0.9 }, "source": "https://github.com/webmproject/libwebp/commit/902bc9190331343b2017211debcec8d2ab87e17a", "signature_type": "Line", "id": "CVE-2023-4863-ecfb528b", "target": { "file": "src/utils/huffman_utils.c" }, "signature_version": "v1" } ] }