CVE-2023-4863

GPTKB entity

Statements (26)
Predicate Object
gptkbp:instanceOf gptkb:security
gptkbp:affectedComponent gptkb:libwebp
gptkbp:affectedSoftware gptkb:Google_Chrome
gptkb:Mozilla_Firefox
gptkb:Microsoft_Edge
gptkb:Apple_Safari
gptkbp:citation https://www.mozilla.org/en-US/security/advisories/mfsa2023-40/
https://security.googleblog.com/2023/09/a-note-on-cve-2023-4863.html
https://nvd.nist.gov/vuln/detail/CVE-2023-4863
https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_11.html
gptkbp:cweId CWE-122
gptkbp:describes Heap buffer overflow in WebP image format in Google Chrome prior to 116.0.5845.187 and other products.
gptkbp:exploitStatus Exploited in the wild
gptkbp:hasCVSSScore 8.8
gptkbp:hasSeverity High
https://www.w3.org/2000/01/rdf-schema#label CVE-2023-4863
gptkbp:patchedBy Google Chrome 116.0.5845.187
Microsoft Edge 116.0.1938.81
Mozilla Firefox 117.0.1
libwebp 1.3.2
gptkbp:publicationDate 2023-09-11
gptkbp:vectorFor Remote
gptkbp:vulnerableTo gptkb:CVE-2023-4863
heap buffer overflow
gptkbp:bfsParent gptkb:APT3
gptkbp:bfsLayer 7