Cve-2023-4863 - open-source libwebp library

  • Community Edition
  • Version 9.9.2 (build 77730)

Just info if Sonarqube is affected by the last vulnerability discovered in open-source libwebp library

Thanks in advance



did a search yesterday and could not find any reference to libwebp neither in Sonarqube 9.9 LTS / 10.2
nor in Apache httpd (used as reverse proxy).

Otherwise i had findings, i.e. in IntelliJ 2023.2



1 Like

See our announcement here: