MGASA-2023-0282

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2023-0282.html

Import Source

https://advisories.mageia.org/MGASA-2023-0282.json

JSON Data

https://api.test.osv.dev/v1/vulns/MGASA-2023-0282

Related

CVE-2023-4863

Published

2023-10-03T10:53:29Z

Modified

2023-10-03T09:30:32Z

Summary

Updated libwebp packages fix a security vulnerability

Details

Heap buffer overflow in WebP in Google Chrome prior to 116.0.5845.187 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page.

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

Affected packages

Mageia:9 / libwebp

Package

Name: libwebp
Purl: pkg:rpm/mageia/libwebp?distro=mageia-9

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.3.0-2.1.mga9

Ecosystem specific

{
    "section": "core"
}

Mageia:8 / libwebp

Package

Name: libwebp
Purl: pkg:rpm/mageia/libwebp?distro=mageia-8

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.1.0-2.2.mga8

Ecosystem specific

{
    "section": "core"
}