![]() ![]() ![]() The CVE-2023-4863 vulnerability can be found in this library, specifically in the BuildHuffmanTable function used to validate the input data. Google developed an open source library for manipulating images in WebP format, known as Libwebp, providing tools and functionality for encoding and decoding images in this format. Thanks to WebP, developers and webmasters have the ability to generate more compact, high-quality images, which leads to a significant improvement in the loading speed of web pages. WebP is an image format that offers superior lossless and lossy compression for images on the Web. ![]() On September 6th, 2023 Apple Security Engineering and Architecture (SEAR) and The Citizen Lab at the University of Toronto reported a critical vulnerability affecting an image compression library used in Chromium and other software solutions that support WebP images. Please contact your LSP for more information or any questions you may have.The vulnerability CVE-2023-4863 is found in the open source Libwebp library and affects browsers such as Mozilla, Chrome and Edge Mozilla Firefox: Firefox 117.0.1 Firefox ESR 115.2.1 Thunderbird 115.2.2. ![]() Google Chrome: Version 1.187 (Mac / Linux) version 1.187/.188 (Windows).While many web browsers are set to automatically update, we strongly encourage everyone using computers not supported by PMACS or Penn Medicine Information Services to take steps to verify their browser is updated to at least one of the versions below: To date, significant progress has been made in updating browsers on managed computers and reducing the risk of exposure. Penn Medicine Academic Computing Services along with Penn Medicine Information Services began upgrading the browser software on all managed and support devices across PSOM and UPHS. This code is widely used in many different software programs, especially all the major web browsers (Google Chrome, Mozilla Firefox, Apple Safari, and Microsoft Edge). Last week, Google disclosed additional information regarding a security vulnerability in a widely shared piece of code that allows malicious actors to take over remote control of a computer. 10/02/23 Attention: Significant Security Vulnerability Affecting Google Chrome, Microsoft Edge, Mozilla Firefox ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |