all InfoSec news
Critical Zero-Day Vulnerability in ‘libwebp’: CVE-2023-4863 Reassigned as CVE-2023-5129
Malware Analysis, News and Indicators - Latest topics malware.news
Google has issued a new CVE identifier for a critical zero-day vulnerability that is under active exploitation. The vulnerability, labeled CVE-2023-5129, was initially misidentified as a Chrome vulnerability (CVE-2023-4863). However, it has been revealed that the vulnerability affects the libwebp image library used for rendering images in WebP format, specifically stemming from the Huffman coding algorithm.
The libwebp image library is integrated into nearly every operating system and application, including those built on Electron. Consequently, the CVE-2023-5129 vulnerability …
chrome critical cve cve-2023-4863 exploitation google image images library libwebp under vulnerability webp zero-day zero-day vulnerability