CarderPlanet
Professional
- Messages
- 2,549
- Reaction score
- 724
- Points
- 113
The Document Foundation has announced the publication of unscheduled corrective releases of the LibreOffice 7.6.2 and 7.5.7 office suite, which was exposed to vulnerabilities (CVE-2023-4863, CVE-2023-5129) in the libwebp library. LibreOffice supports inserting images in WebP format and uses vulnerable code from the libwebp library to process them. The vulnerability allows you to execute malicious code when processing specially designed data in WebP format in LibreOffice.
The libwebp vulnerability affects Chrome, Safari, Firefox, Thunderbird, and numerous products that use libwebp, the Chromium engine, or the Electron platform. For example, the vulnerability indirectly affected such popular applications as Discord, GitHub Desktop, Mattermost, Signal, Edge, Brave, Opera, Slack, Twitch, Visual Studio Code, Android, 1Password and Telegram.
The libwebp vulnerability affects Chrome, Safari, Firefox, Thunderbird, and numerous products that use libwebp, the Chromium engine, or the Electron platform. For example, the vulnerability indirectly affected such popular applications as Discord, GitHub Desktop, Mattermost, Signal, Edge, Brave, Opera, Slack, Twitch, Visual Studio Code, Android, 1Password and Telegram.
