CVE-2023-4863 Flatpak notes

In case anyone’s interested, I did a quick bit of research into whether flatpaks I was running have fixed CVE-2023-4863, the recent 0-day in libwebp that was initially reported as a Chrome vulnerability but actually affects all sorts of stuff (anything that might have libwebp bundled or statically linked). Feel free to add your own!

1 Like