VulnerableCode Package Details - pkg:cargo/libwebp-sys@0.3.2

Search for packages

Package details: pkg:cargo/libwebp-sys@0.3.2

Essentials
History (1)

purl	pkg:cargo/libwebp-sys@0.3.2

Next non-vulnerable version	0.9.3
Latest non-vulnerable version	0.9.3
Risk	10.0

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-pe8x-79nr-3qg4 Aliases: CVE-2023-4863 GHSA-j7hp-h8jx-5ppr	Opening a malicious WebP image could lead to a heap buffer overflow in the content process. We are aware of this issue being exploited in other products in the wild. Note: This advisory was previously also tracked as CVE-2023-5129.	0.9.3 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-08-01T09:29:28.725982+00:00	GHSA Importer	Affected by	VCID-pe8x-79nr-3qg4	https://github.com/advisories/GHSA-j7hp-h8jx-5ppr	37.0.0