admin/cve
1
0
Fork 0
mirror of https://github.com/0xMarcio/cve.git synced 2025-05-06 02:31:38 +00:00
Code Issues Packages Projects Releases Wiki Activity
cve/2023/CVE-2023-4863.md
0xMarcio 48a00929ac Removed duplicates
2024-06-18 02:51:15 +02:00

62 lines
2.9 KiB
Markdown
Raw Blame History

### [CVE-2023-4863](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4863)
![](https://img.shields.io/static/v1?label=Product&message=Chrome&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=libwebp&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=1.3.2%3C%201.3.2%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Version&message=116.0.5845.187%3C%20116.0.5845.187%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Heap%20buffer%20overflow&color=brighgreen)
### Description
Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical)
### POC
#### Reference
- https://blog.isosceles.com/the-webp-0day/
- https://bugzilla.suse.com/show_bug.cgi?id=1215231
- https://news.ycombinator.com/item?id=37478403
- https://stackdiary.com/critical-vulnerability-in-webp-codec-cve-2023-4863/
#### Github
- https://github.com/0xMarcio/cve
- https://github.com/Blaukovitch/GOOGLE_CHROME_Windows_7_CRACK
- https://github.com/CVEDB/awesome-cve-repo
- https://github.com/CVEDB/top
- https://github.com/CrackerCat/CVE-2023-4863-
- https://github.com/DanGough/PoshCVE
- https://github.com/DarkNavySecurity/PoC
- https://github.com/GTGalaxi/ElectronVulnerableVersion
- https://github.com/GhostTroops/TOP
- https://github.com/Keeper-Security/gitbook-release-notes
- https://github.com/LiveOverflow/webp-CVE-2023-4863
- https://github.com/Microsvuln/CVE-2023-4863
- https://github.com/Moonshieldgru/Moonshieldgru
- https://github.com/OITApps/Find-VulnerableElectronVersion
- https://github.com/Ostorlab/KEV
- https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors
- https://github.com/Songg45/CVE-2023-4683-Test
- https://github.com/Threekiii/CVE
- https://github.com/Tougee/GlideWebpDecoder
- https://github.com/ZonghaoLi777/githubTrending
- https://github.com/alsaeroth/CVE-2023-4863-POC
- https://github.com/aneasystone/github-trending
- https://github.com/bbaranoff/CVE-2023-4863
- https://github.com/blusewill/plurk-rss-example
- https://github.com/bollwarm/SecToolSet
- https://github.com/caoweiquan322/NotEnough
- https://github.com/cgohlke/win_arm64-wheels
- https://github.com/hktalent/TOP
- https://github.com/houjingyi233/awesome-fuzz
- https://github.com/huiwen-yayaya/CVE-2023-4863
- https://github.com/jiegec/awesome-stars
- https://github.com/johe123qwe/github-trending
- https://github.com/mistymntncop/CVE-2023-4863
- https://github.com/mmomtchev/magickwand.js
- https://github.com/msuiche/elegant-bouncer
- https://github.com/murphysecurity/libwebp-checker
- https://github.com/naugtur/naughty-images
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/talbeerysec/BAD-WEBP-CVE-2023-4863
- https://github.com/tanjiti/sec_profile
Reference in New Issue View Git Blame Copy Permalink