2 matches found
GHSA-F9PM-4G9P-6VM3 Bundled libwebp in pywebp vulnerable
Impact pywebp versions before v0.3.0 bundled libwebp binaries in wheels that are vulnerable to CVE-2023-4863. The vulnerability was a heap buffer overflow which allowed a remote attacker to perform an out of bounds memory write. Patches The problem has been patched upstream in libwebp 1.3.2. pywe...
Bundled libwebp in pywebp vulnerable
Impact pywebp versions before v0.3.0 bundled libwebp binaries in wheels that are vulnerable to CVE-2023-4863. The vulnerability was a heap buffer overflow which allowed a remote attacker to perform an out of bounds memory write. Patches The problem has been patched upstream in libwebp 1.3.2. pywe...