中文 | EN
This tool checks if your server's application or process that is affected by CVE-2023-4863 libwebp Heap buffer overflow (Version above 0.5.0).
Run this script in your production environment carefully.
Scan Result
- CVE-2023-4863 vulnerability affects libwebp versions 0.5.0 to 1.3.1. It identifies the affected libwebp by analyzing the processes' opened files and the target application files.
- Starting from libwebp version 0.5.0, new export functions,
WebPCopyPlane
andWebPCopyPixels
, were introduced. The vulnerable function isVP8LBuildHuffmanTable
. Therefore, one can identify libwebp versions with vulnerabilities by matching these function names in the files. - In the security version 1.3.2, the
VP8LHuffmanTablesAllocate
function was added. If the target file has not been stripped, this function can also serve as a basis for version identification.
In local or server environments, it aims to inspect specific paths, all running processes' binary files, jar packages, and rpm packages to determine if there is a dependency on the vulnerable component of libwebp.
We analyze components from the Maven Central Repository to obtain hashes for the affected components, and we keep this data continuously updated. You can use this data for matching after authenticating with an access token from the MurphySec.com, which helps save analysis time.
Go to MurphySec platform - Access Token, click the copy button after the Token, then the access token is copied to the clipboard.
bash libwebp-checker.sh --token Your_Token_From_Console -f /path_you_want_scan/
bash libwebp-checker.sh --token Your_Token_From_Console -p
It will print the affected filenames, process IDs and matched string keywords, such as WebPCopyPlane,WebPCopyPlane. To help further analysis and update the component.
ai.edgestore:engine
app.cash.paparazzi:layoutlib-native-linux
app.cash.paparazzi:native-linux
cn.ellabook:flutter-saassdk
cn.ellabook:saassdk
cn.fly2think:SmartPanorama
cn.fly2think:SmartPanoramaX
cn.rongcloud.sdk:fu_beautifier
com.aiyaapp.aiya:AyEffectSDK
com.computinglaboratory:opencv
com.criteo:jvips
com.eworkcloud.starter:ework-cloud-starter-image
com.eworkcloud:ework-cloud-starter-image
com.facebook.fresco:webpsupport
com.facebook.spectrum:spectrum-webp
com.freeletics.fork.paparazzi:layoutlib-native-linux
com.github.gotson:webp-imageio
com.github.jenly1314.WeChatQRCode:opencv-armv64
com.github.jenly1314.WeChatQRCode:opencv-armv7a
com.github.jenly1314.WeChatQRCode:opencv-x86
com.github.jenly1314.WeChatQRCode:opencv-x86_64
com.github.usefulness:webp-imageio
com.github.zjupure:webpdecoder
com.innov8tif.okaycam:opencv
com.innov8tif.okayid:opencv
com.scanzy:ScanzyBarcodeScannerSDK
com.waicool20.skrypton:skrypton-native-linux64
de.marcreichelt:webp-backport
de.sg-o.lib:opencv
id.mob:api-client
io.bitbucket.mobscannersdk:customdocscannerlib
io.bitbucket.mobscannersdk:docscannerlib
io.github.anylifezlb:slientEngine
io.github.darkxanter:webp-imageio
io.github.greycode:ocrlite
io.github.humbleui:skija-linux
io.github.humbleui:skija-linux-x64
io.github.izuiyou:octoflutter
io.github.jiemakel:octavo-assembly_2.12
io.github.zumikua:webploader-desktop
io.johnsonlee.layoutlib:native-linux
io.tiledb:tiledb-cloud-java
net.ifok.image:webp4j
org.demen.android.opencv:opencv
org.demen.android.opencv:opencv-img
org.demen.android.opencv:opencv_world
org.godotengine:godot
org.jetbrains.skiko:skiko-awt-runtime-linux-arm64
org.jetbrains.skiko:skiko-awt-runtime-linux-x64
org.jetbrains.skiko:skiko-jvm-runtime-linux-arm64
org.jetbrains.skiko:skiko-jvm-runtime-linux-x64
org.lucee:sejda-webp
org.openpnp:opencv
org.pireco:kypsdk
org.robolectric:nativeruntime-dist-compat
org.sejda.imageio:webp-imageio
org.sejda.webp-imageio:webp-imageio-sejda
science.aist:aistcv
Contact our official WeChat account, and we'll add you into the group for communication.