CVE-2023-4863: libwebp vulnerability

kalpana · Nov 03, 2023, 05:06 AM

Hello Ubuntu team,

I'm using Qt5 Webkit on Ubuntu 20.04/22.04 and see that it has a dependency on libwebp which also has a Security vulnerability: CVE-2023-4863

Reports say that the issue is resolved after v1.3.2 but this Ubuntu Security link says otherwise:

https://ubuntu.com/security/CVE-2023-4863

I updated to these same latest versions but it conflicts with the version that reports say it is fixed under which is after v1.3.2.

So it CVE-2023-4863 fixed in Ubuntu or not?

Cobra Forum

News:

CVE-2023-4863: libwebp vulnerability

kalpana