IT security expert company: cybersecurity audits and consulting
French cybersecurity company since 2004


CVE-2023-4863

Description

Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical)

POC

Reference

- https://blog.isosceles.com/the-webp-0day/

- https://bugzilla.suse.com/show_bug.cgi?id=1215231

- https://github.com/webmproject/libwebp/commit/902bc9190331343b2017211debcec8d2ab87e17a

- https://news.ycombinator.com/item?id=37478403

- https://stackdiary.com/critical-vulnerability-in-webp-codec-cve-2023-4863/

GitHub

- https://github.com/07m0i/07m0i.github.io

- https://github.com/0xMarcio/cve

- https://github.com/20142995/nuclei-templates

- https://github.com/Adityadwivedi451/Studydemo

- https://github.com/Andromeda254/cve

- https://github.com/Blaukovitch/GOOGLE_CHROME_Windows_7_CRACK

- https://github.com/CVEDB/awesome-cve-repo

- https://github.com/CVEDB/top

- https://github.com/ChasmOfDeath/DeathSecTerminal-FDroid

- https://github.com/CrackerCat/CVE-2023-4863-

- https://github.com/DanGough/PoshCVE

- https://github.com/DarkNavySecurity/PoC

- https://github.com/Dgporte/ExerciciosDockerPB2025

- https://github.com/GTGalaxi/ElectronVulnerableVersion

- https://github.com/GhostTroops/TOP

- https://github.com/Keeper-Security/gitbook-release-notes

- https://github.com/LiveOverflow/webp-CVE-2023-4863

- https://github.com/Microsvuln/CVE-2023-4863

- https://github.com/Moonshieldgru/Moonshieldgru

- https://github.com/OITApps/Find-VulnerableElectronVersion

- https://github.com/Ostorlab/KEV

- https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors

- https://github.com/SCH227/own-research

- https://github.com/Songg45/CVE-2023-4683-Test

- https://github.com/Threekiii/CVE

- https://github.com/Tougee/GlideWebpDecoder

- https://github.com/Trigii/CVE-2023-42860

- https://github.com/VERA-Model/remediation-scripts

- https://github.com/ZonghaoLi777/githubTrending

- https://github.com/adhitya-cysec/article

- https://github.com/alsaeroth/CVE-2023-4863-POC

- https://github.com/aneasystone/github-trending

- https://github.com/ayeshay1144/Principles-of-Software-Security-

- https://github.com/ayeshay1144/libwebp-cve-fuzzing-analysis

- https://github.com/bbaranoff/CVE-2023-4863

- https://github.com/blusewill/plurk-rss-example

- https://github.com/bollwarm/SecToolSet

- https://github.com/caoweiquan322/NotEnough

- https://github.com/cgohlke/win_arm64-wheels

- https://github.com/hktalent/TOP

- https://github.com/houjingyi233/awesome-fuzz

- https://github.com/huiwen-yayaya/CVE-2023-4863

- https://github.com/jaimin0609/t-shirt-customizer

- https://github.com/jiegec/awesome-stars

- https://github.com/jitendar-singh/securitymind

- https://github.com/johe123qwe/github-trending

- https://github.com/kaitlinmannings/Security_Lab

- https://github.com/maxen11/DroidHunter

- https://github.com/mistymntncop/CVE-2023-4863

- https://github.com/mmomtchev/magickwand.js

- https://github.com/msuiche/elegant-bouncer

- https://github.com/murphysecurity/libwebp-checker

- https://github.com/naugtur/naughty-images

- https://github.com/nomi-sec/PoC-in-GitHub

- https://github.com/sarsaeroth/CVE-2023-4863-POC

- https://github.com/sarsaeroth/sarsaeroth

- https://github.com/talbeerysec/BAD-WEBP-CVE-2023-4863

- https://github.com/tanjiti/sec_profile