486
submitted 4 months ago* (last edited 4 months ago) by hydroptic@sopuli.xyz to c/memes@lemmy.ml
you are viewing a single comment's thread
view the rest of the comments
[-] miridius@lemmy.world 2 points 4 months ago

JPEG-XL is better

Citation needed

[-] optissima@possumpat.io 4 points 4 months ago

In September 2023, two critical vulnerabilities[108] relating to WebP images were discovered by Apple Security Engineering and Architecture (SEAR) and the Citizen Lab, potentially affecting Google Chrome, Chromium-based browsers and the Google's libwebp project, among any application implementing libwebp. Among these vulnerabilities, CVE-2023-4863 was an actively exploited vulnerability with a high risk rating of CVSS 8.8. This could lead to an out of bounds/overflow condition in applications using the affected libwebp library, upon exploitation of a maliciously crafted .webp lossless file. This could result in a denial of service (DoS), or worse, enabling malicious remote code execution (RCE). The extensive use of libwebp packages across hundreds of applications, including all categories from web browsers to mobile apps, posed a major patching challenge to mitigate the vulnerability due to the demanding testing requirements before release, highlighting the implications of this vulnerability on a wide scale.

https://en.m.wikipedia.org/w/index.php?title=WebP

[-] miridius@lemmy.world 1 points 4 months ago

So what, we're not supposed to use any library that's ever had a vulnerability? You better go uninstall literally everything on your computer then

[-] gianni@lemmy.ml 1 points 4 months ago

It is a modern successor to formats like WebP & JPEG. WebP was barely competitive with JPEG

this post was submitted on 08 Jul 2024
486 points (98.4% liked)

Memes

45560 readers
690 users here now

Rules:

  1. Be civil and nice.
  2. Try not to excessively repost, as a rule of thumb, wait at least 2 months to do it if you have to.

founded 5 years ago
MODERATORS