this post was submitted on 08 Jul 2024
486 points (98.4% liked)

Memes

45569 readers
1784 users here now

Rules:

  1. Be civil and nice.
  2. Try not to excessively repost, as a rule of thumb, wait at least 2 months to do it if you have to.

founded 5 years ago
MODERATORS
486
submitted 4 months ago* (last edited 4 months ago) by hydroptic@sopuli.xyz to c/memes@lemmy.ml
 
you are viewing a single comment's thread
view the rest of the comments
[–] miridius@lemmy.world 2 points 4 months ago (2 children)

JPEG-XL is better

Citation needed

[–] optissima@possumpat.io 4 points 4 months ago (1 children)

In September 2023, two critical vulnerabilities[108] relating to WebP images were discovered by Apple Security Engineering and Architecture (SEAR) and the Citizen Lab, potentially affecting Google Chrome, Chromium-based browsers and the Google's libwebp project, among any application implementing libwebp. Among these vulnerabilities, CVE-2023-4863 was an actively exploited vulnerability with a high risk rating of CVSS 8.8. This could lead to an out of bounds/overflow condition in applications using the affected libwebp library, upon exploitation of a maliciously crafted .webp lossless file. This could result in a denial of service (DoS), or worse, enabling malicious remote code execution (RCE). The extensive use of libwebp packages across hundreds of applications, including all categories from web browsers to mobile apps, posed a major patching challenge to mitigate the vulnerability due to the demanding testing requirements before release, highlighting the implications of this vulnerability on a wide scale.

https://en.m.wikipedia.org/w/index.php?title=WebP

[–] miridius@lemmy.world 1 points 4 months ago

So what, we're not supposed to use any library that's ever had a vulnerability? You better go uninstall literally everything on your computer then

[–] gianni@lemmy.ml 1 points 4 months ago (1 children)

It is a modern successor to formats like WebP & JPEG. WebP was barely competitive with JPEG

[–] miridius@lemmy.world 1 points 4 months ago (1 children)

WebP was barely competitive with JPEG

Citation needed