all InfoSec news
Resolving WebP Zero-day Vulnerability CVE-2023-4863
Sept. 29, 2023, 2:12 p.m. | Nova Trauben@veracode.com (Nova Trauben)
Application Security Research, News, and Education Blog www.veracode.com
Webp is the backbone of the webp extension. Any image that is saved to the webp image format most likely was created using the webp library. The library was released in 2010 by Google.
The History of the Webp Vulnerability CVE-2023-4863
The first CVE for this webp vulnerability was disclosed in CVE-2023-41061, but note how the description does not mention the root of the issue anywhere. Then Google released CVE-2023-4863, which was the first actual mention of …
cve cve-2023-41061 cve-2023-4863 extension google history image library vulnerability webp zero-day zero-day vulnerability
More from www.veracode.com / Application Security Research, News, and Education Blog
These 5 Critical Capabilities Enhance DevSecOps Effectiveness
2 days, 13 hours ago |
www.veracode.com
Understanding PCI DSS 4.0: What You Need to Know
4 days, 14 hours ago |
www.veracode.com
New in Veracode Fix: Additional Language Support and Batch Fix
1 month, 1 week ago |
www.veracode.com
Enhancing Developer Efficiency With AI-Powered Remediation
1 month, 1 week ago |
www.veracode.com
Jobs in InfoSec / Cybersecurity
CyberSOC Technical Lead
@ Integrity360 | Sandyford, Dublin, Ireland
Cyber Security Strategy Consultant
@ Capco | New York City
Cyber Security Senior Consultant
@ Capco | Chicago, IL
Sr. Product Manager
@ MixMode | Remote, US
Corporate Intern - Information Security (Year Round)
@ Associated Bank | US WI Remote
Senior Offensive Security Engineer
@ CoStar Group | US-DC Washington, DC