[Git][security-tracker-team/security-tracker][master] add some webp references

[Moritz Muehlenhoff (@jmm)]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e91d0564 by Moritz Muehlenhoff at 2025-03-27T08:37:14+01:00
add some webp references

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -147377,6 +147377,9 @@ CVE-2023-4863 (Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5
 	NOTE: Fixed by: https://chromium.googlesource.com/webm/libwebp.git/+/902bc9190331343b2017211debcec8d2ab87e17a%5E%21/
 	NOTE: Followup: https://chromium.googlesource.com/webm/libwebp.git/+/95ea5226c870449522240ccff26f0b006037c520%5E%21/#F0
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-40/#CVE-2023-4863
+	NOTE: https://blog.isosceles.com/the-webp-0day/
+	NOTE: https://www.darknavy.org/blog/exploiting_the_libwebp_vulnerability_part_1/
+	NOTE: https://www.darknavy.org/blog/exploiting_the_libwebp_vulnerability_part_2/
 CVE-2023-4840 (The MapPress Maps for WordPress plugin for WordPress is vulnerable to  ...)
 	NOT-FOR-US: MapPress Maps for WordPress plugin for WordPress
 CVE-2023-42472 (Due to insufficient file type validation, SAP BusinessObjectsBusiness  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e91d0564730472cada7b92248d5d63f2cea19041

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e91d0564730472cada7b92248d5d63f2cea19041
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250327/412b2404/attachment.htm>