CVE-2023-4863
Description
Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical)
Severity: HIGH
CVE ID: CVE-2023-4863
CVSS Score: 8.8
CVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Proof Of Concept
mistymntncop
Reference: GitHub
bbaranoff
Reference: GitHub
talbeerysec
BAD-WEBP-CVE-2023-4863
Reference: GitHub
OITApps
Scans an executable and determines if it was wrapped in an Electron version vulnerable to the Chromium vulnerability CVE-2023-4863 / CVE-2023-5129
Reference: GitHub
GTGalaxi
Find Electron Apps Vulnerable to CVE-2023-4863 / CVE-2023-5129
Reference: GitHub
murphysecurity
A tool for finding vulnerable libwebp (CVE-2023-4863)
Reference: GitHub
LiveOverflow
Reference: GitHub
caoweiquan322
This tool calculates tricky canonical Huffman histogram for CVE-2023-4863.
Reference: GitHub
CrackerCat
Triggering the famous libwebp 0day vuln with libfuzzer
Reference: GitHub
alsaeroth
C implementation of libwebp 0-click vulnerability
Reference: GitHub