← ExploitWatch
HomeExploited Vulnerabilities

CVE-2023-4863 — Actively Exploited: Chromium WebP (Google)

Google Chromium WebP contains a heap-based buffer overflow vulnerability that allows a remote attacker to perform an out-of-bounds memory write via a crafted HTML page. This vulnerability can affect applications that use the WebP Codec.

CVE IDCVE-2023-4863
VendorGoogle
ProductChromium WebP
Vulnerability nameGoogle Chromium WebP Heap-Based Buffer Overflow Vulnerability
Date added2023-09-13
Remediation due2023-10-04
Known ransomware useUnknown
Required actionApply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
DescriptionGoogle Chromium WebP contains a heap-based buffer overflow vulnerability that allows a remote attacker to perform an out-of-bounds memory write via a crafted HTML page. This vulnerability can affect applications that use the WebP Codec.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →