Does new Release of Magick.NET 13.3.0 address Webp - Heap Buffer Overflow vulnerability #6664
Unanswered
emiliocacayoren
asked this question in
Help
Replies: 3 comments 7 replies
-
This issue was remediated in the latest release of Windows ImageMagick. @dlemstra, can you confirm? |
Beta Was this translation helpful? Give feedback.
0 replies
-
There was an update of libwebp to version 1.3.2 that resolves this issue as you can see in the release notes here: https://github.com/dlemstra/Magick.NET/releases/tag/13.3.0. |
Beta Was this translation helpful? Give feedback.
2 replies
-
Excuse my ignorance @dlemstra but is this patch also in ImageMagick or just Magick.NET? |
Beta Was this translation helpful? Give feedback.
5 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
ImageMagick version
13.3.0
Operating system, version and so on
Windows
Description
Does this update address the "webp buffer overflow" vulnerability in Google Chrome, which potentially affects MagicNET,
https://nvd.nist.gov/vuln/detail/CVE-2023-4863…
Wondering if there is any plan to release or patch for overcome this vulnerability. Thanks!
Beta Was this translation helpful? Give feedback.
All reactions