LibWebP Notification

LibWebP Vulnerability Notification

Published: October 10, 2023

Version: 1.0

Executive Summary

AvePoint is releasing this security advisory to inform customers that we are aware of the LibWebP vulnerability (CVE-2023-4863).

Advisory Details

AvePoint does not use LibWebP for any services or solutions. At this point, after internal investigation and to the best knowledge of AvePoint Security and IT teams, AvePoint has not faced any adverse results of the vulnerability.

Suggested Actions

Security Actions - No additional action is required.

Mitigation Steps - Not needed at this moment.

AvePoint implements best-in-class techniques for identifying, protecting, and detecting cybersecurity threats.

The information security and data privacy of our customers is AvePoint’s highest priority. If you have any questions about this and/or you are contacted by anyone else about this issue, please contact our security team immediately at

For your additional information please find AvePoint’s reporting policy and response plan: