Security Vulnerability found in libwebp library #738
Unanswered
jackyk-cognitoiq
asked this question in
General
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
Uh oh!
There was an error while loading. Please reload this page.
-
I noticed there has been a security vulnerability found in the libwebp library (https://nvd.nist.gov/vuln/detail/CVE-2023-4863#range-9599713). Can someone confirm whether the Google ML Kit library uses it or not?
I can see it listed in the licenses as using v0.2. Is that the correct version the library is using?
I believe there is already a patch for the libwebp library to address this (v1.3.2), if the Google ML Kit library do use libwebp, is there any plans for it to be updated?
Beta Was this translation helpful? Give feedback.
All reactions