Fedora 37 : firefox (2023-31fe7ee034)

The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-31fe7ee034 advisory. - Updated to latest upstream 117.0.1 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has n...

Fedora 38 : libwebp (2023-c4fa8a204d)

The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-c4fa8a204d advisory. Backport fix for CVE-2023-4863. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

Ubuntu 20.04 LTS : Firefox vulnerability (USN-6367-1)

The remote Ubuntu 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6367-1 advisory. It was discovered that Firefox did not properly manage memory when handling WebP images. If a user were tricked into opening a webpage containing malicious WebP...

Debian DSA-5497-1 : libwebp - security update

The remote Debian 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5497 advisory. A buffer overflow in parsing WebP images may result in the execution of arbitrary code. For the stable distribution bookworm, this problem has been fixed in version...

openSUSE 15 Security Update : chromium (openSUSE-SU-2023:0246-1)

The remote openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2023:0246-1 advisory. - Heap buffer overflow in WebP in Google Chrome prior to 116.0.5845.187 allowed a remote attacker to perform an out of bounds memory write via a crafted...

Slackware Linux 15.0 / current libwebp Vulnerability (SSA:2023-257-01)

The version of libwebp installed on the remote host is prior to 1.3.2. It is, therefore, affected by a vulnerability as referenced in the SSA:2023-257-01 advisory. - Heap buffer overflow in WebP in Google Chrome prior to 116.0.5845.187 allowed a remote attacker to perform an out of bounds memory...

Debian DSA-5496-1 : firefox-esr - security update

The remote Debian 11 / 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5496 advisory. - Heap buffer overflow in WebP in Google Chrome prior to 116.0.5845.187 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page...

Google Chromium WebP Heap-Based Buffer Overflow Vulnerability

Google Chromium WebP contains a heap-based buffer overflow vulnerability that allows a remote attacker to perform an out-of-bounds memory write via a crafted HTML page. This vulnerability can affect applications that use the WebP Codec...

libwebp: OOB write in BuildHuffmanTable

Heap buffer overflow in libwebp allow a remote attacker to perform an out of bounds memory write via a crafted HTML page...

CVE-2023-4863

Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: Critical...

ALPINE-CVE-2023-4863

Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: Critical...

CVE-2023-4863

Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: Critical...

DEBIAN-CVE-2023-4863

Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: Critical...

Heap overflow

Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: Critical...

CVE-2023-4863

Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: Critical...

CVE-2023-4863

Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: Critical...

CVE-2023-4863

Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: Critical...

CVE-2023-4863

Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: Critical...

CVE-2023-4863

Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: Critical Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value:...

Google Chrome < 117.0.5938.62 Multiple Vulnerabilities

The version of Google Chrome installed on the remote Windows host is prior to 117.0.5938.62. It is, therefore, affected by multiple vulnerabilities as referenced in the 202309stable-channel-update-for-desktop12 advisory. - Inappropriate implementation in Interstitials in Google Chrome prior to...