My Oracle Support Banner

Chrome LibWebP Vulnerability (Doc ID 2979691.1)

Last updated on OCTOBER 24, 2023

Applies to:

Oracle Documaker - Version 12.7 and later
Information in this document applies to any platform.

Goal

A new vulnerability has been identified, CVE-2023-4863, specifically a Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187. Libwebp 1.3.1 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical)

Does the listed Oracle products utilize libwebp or packaged software or frameworks that utilize this component?

Documaker Standard Edition 12.7
Docupresentment 12.7
Documerge v3.2.0



Solution

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Goal
Solution


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.