CVSS 3.1 Score 8.8 of 10 (high)


Published Sep 12, 2023
Updated: Jan 7, 2024
CWE ID 787


CVE-2023-4863 is a vulnerability in libwebp in Google Chrome prior to version 116.0.5845.187 and libwebp 1.3.2. It is a heap buffer overflow that allows a remote attacker to perform an out of bounds memory write through a crafted HTML page. The vulnerability has a high severity rating and requires user interaction for exploitation. It has an exploitability score of 2.8 and a base score of 8.8 according to NIST's CVSS scoring system, indicating a high potential danger to organizations. The attack vector is through the network, and it impacts both integrity and confidentiality, with a high availability impact as well. The vulnerability affects various affected products and the CWE-ID associated with it is CWE-787 (Out-of-bounds Write).

Leverage our Vulnerability Intelligence module to secure your systems now - get detailed insights on CVE-2024-37364. Book your demo today.


Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-4863 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options