VulnerableCode Package Details - pkg:conan/libwebp@1.3.1

Search for packages

Vulnerability	Summary	Fixed by
VCID-5557-vu7d-aaaa Aliases: CVE-2023-4863 GHSA-j7hp-h8jx-5ppr	Heap buffer overflow in WebP in Google Chrome prior to 116.0.5845.187 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical)	1.3.2 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-5557-vu7d-aaaa
Aliases:
CVE-2023-4863
GHSA-j7hp-h8jx-5ppr

Heap buffer overflow in WebP in Google Chrome prior to 116.0.5845.187 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical)

1.3.2
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
VCID-2svv-d2xq-aaan	There exists a use after free/double free in libwebp. An attacker can use the ApplyFiltersAndEncode() function and loop through to free best.bw and assign best = trial pointer. The second loop will then return 0 because of an Out of memory error in VP8 encoder, the pointer is still assigned to trial and the AddressSanitizer will attempt a double free.	CVE-2023-1999

Vulnerability

Summary

Aliases

VCID-2svv-d2xq-aaan

There exists a use after free/double free in libwebp. An attacker can use the ApplyFiltersAndEncode() function and loop through to free best.bw and assign best = trial pointer. The second loop will then return 0 because of an Out of memory error in VP8 encoder, the pointer is still assigned to trial and the AddressSanitizer will attempt a double free.

CVE-2023-1999

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-06-20T16:42:21.488758+00:00	GitLab Importer	Affected by	VCID-5557-vu7d-aaaa	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libwebp/CVE-2023-4863.yml	36.1.3
2025-06-20T16:42:17.237891+00:00	GitLab Importer	Affected by	VCID-5557-vu7d-aaaa	None	36.1.3
2025-06-20T16:35:20.404727+00:00	GitLab Importer	Fixing	VCID-2svv-d2xq-aaan	None	36.1.3
2025-06-20T16:35:19.958599+00:00	GitLab Importer	Fixing	VCID-2svv-d2xq-aaan	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libwebp/CVE-2023-1999.yml	36.1.3
2025-06-03T23:20:47.516506+00:00	GitLab Importer	Affected by	VCID-5557-vu7d-aaaa	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libwebp/CVE-2023-4863.yml	36.1.0
2025-06-03T23:20:43.670222+00:00	GitLab Importer	Affected by	VCID-5557-vu7d-aaaa	None	36.1.0
2025-06-03T23:14:08.494772+00:00	GitLab Importer	Fixing	VCID-2svv-d2xq-aaan	None	36.1.0
2025-06-03T23:14:08.106142+00:00	GitLab Importer	Fixing	VCID-2svv-d2xq-aaan	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libwebp/CVE-2023-1999.yml	36.1.0
2025-06-02T23:17:58.555262+00:00	GitLab Importer	Affected by	VCID-5557-vu7d-aaaa	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libwebp/CVE-2023-4863.yml	36.1.2
2025-06-02T23:17:54.463765+00:00	GitLab Importer	Affected by	VCID-5557-vu7d-aaaa	None	36.1.2
2025-06-02T23:11:10.027255+00:00	GitLab Importer	Fixing	VCID-2svv-d2xq-aaan	None	36.1.2
2025-06-02T23:11:09.610786+00:00	GitLab Importer	Fixing	VCID-2svv-d2xq-aaan	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libwebp/CVE-2023-1999.yml	36.1.2
2025-04-03T21:33:58.026529+00:00	GitLab Importer	Affected by	VCID-5557-vu7d-aaaa	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libwebp/CVE-2023-4863.yml	36.0.0
2025-04-03T21:33:48.685674+00:00	GitLab Importer	Affected by	VCID-5557-vu7d-aaaa	None	36.0.0
2025-04-03T21:19:55.588564+00:00	GitLab Importer	Fixing	VCID-2svv-d2xq-aaan	None	36.0.0
2025-04-03T21:19:54.355270+00:00	GitLab Importer	Fixing	VCID-2svv-d2xq-aaan	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libwebp/CVE-2023-1999.yml	36.0.0
2025-02-18T01:05:47.264467+00:00	GitLab Importer	Affected by	VCID-5557-vu7d-aaaa	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libwebp/CVE-2023-4863.yml	35.1.0
2025-02-18T01:05:47.161633+00:00	GitLab Importer	Affected by	VCID-5557-vu7d-aaaa	None	35.1.0
2025-02-18T00:51:06.778571+00:00	GitLab Importer	Fixing	VCID-2svv-d2xq-aaan	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libwebp/CVE-2023-1999.yml	35.1.0
2025-02-18T00:51:06.725055+00:00	GitLab Importer	Fixing	VCID-2svv-d2xq-aaan	None	35.1.0
2024-11-20T23:30:51.131698+00:00	GitLab Importer	Affected by	VCID-5557-vu7d-aaaa	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libwebp/CVE-2023-4863.yml	35.0.0
2024-11-20T23:21:14.550710+00:00	GitLab Importer	Fixing	VCID-2svv-d2xq-aaan	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libwebp/CVE-2023-1999.yml	35.0.0
2024-11-18T23:19:43.350681+00:00	GitLab Importer	Affected by	VCID-5557-vu7d-aaaa	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libwebp/CVE-2023-4863.yml	34.3.2
2024-11-18T23:08:54.398169+00:00	GitLab Importer	Fixing	VCID-2svv-d2xq-aaan	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libwebp/CVE-2023-1999.yml	34.3.2
2024-10-08T00:17:07.614079+00:00	GitLab Importer	Affected by	VCID-5557-vu7d-aaaa	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libwebp/CVE-2023-4863.yml	34.0.2
2024-10-08T00:08:07.542697+00:00	GitLab Importer	Fixing	VCID-2svv-d2xq-aaan	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libwebp/CVE-2023-1999.yml	34.0.2
2024-09-23T00:31:07.725755+00:00	GitLab Importer	Affected by	VCID-5557-vu7d-aaaa	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libwebp/CVE-2023-4863.yml	34.0.1
2024-09-17T22:47:58.759286+00:00	GitLab Importer	Fixing	VCID-2svv-d2xq-aaan	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libwebp/CVE-2023-1999.yml	34.0.1
2024-04-24T02:42:03.733303+00:00	GitLab Importer	Affected by	VCID-5557-vu7d-aaaa	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libwebp/CVE-2023-4863.yml	34.0.0rc4
2024-04-24T02:42:03.576953+00:00	GitLab Importer	Affected by	VCID-5557-vu7d-aaaa	None	34.0.0rc4
2024-04-24T02:36:09.003498+00:00	GitLab Importer	Fixing	VCID-2svv-d2xq-aaan	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libwebp/CVE-2023-1999.yml	34.0.0rc4
2024-04-24T02:36:08.910846+00:00	GitLab Importer	Fixing	VCID-2svv-d2xq-aaan	None	34.0.0rc4
2024-01-10T05:17:22.665934+00:00	GitLab Importer	Affected by	VCID-5557-vu7d-aaaa	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libwebp/CVE-2023-4863.yml	34.0.0rc2
2024-01-10T05:17:22.522715+00:00	GitLab Importer	Affected by	VCID-5557-vu7d-aaaa	None	34.0.0rc2
2024-01-10T05:11:32.783336+00:00	GitLab Importer	Fixing	VCID-2svv-d2xq-aaan	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libwebp/CVE-2023-1999.yml	34.0.0rc2
2024-01-10T05:11:32.692182+00:00	GitLab Importer	Fixing	VCID-2svv-d2xq-aaan	None	34.0.0rc2
2024-01-03T22:05:13.703906+00:00	GitLab Importer	Affected by	VCID-5557-vu7d-aaaa	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libwebp/CVE-2023-4863.yml	34.0.0rc1
2024-01-03T22:05:13.547916+00:00	GitLab Importer	Affected by	VCID-5557-vu7d-aaaa	None	34.0.0rc1
2024-01-03T21:59:17.591160+00:00	GitLab Importer	Fixing	VCID-2svv-d2xq-aaan	None	34.0.0rc1
2024-01-03T18:09:03.320746+00:00	GitLab Importer	Fixing	VCID-2svv-d2xq-aaan	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libwebp/CVE-2023-1999.yml	34.0.0rc1

2025-06-20T16:42:21.488758+00:00

GitLab Importer

Affected by

Next non-vulnerable version	1.3.2
Latest non-vulnerable version	1.3.2
Risk	10.0