Last 12 weeks · 0 commits
4 of 6 standards met
If one image with color palette CMYK, then error and stop converting. Details: code: 255 killed: false stdout: stderr: Unsupported color conversion request Error! Could not process file /tmp/da030ffb-2c8c-4b43-98d7-d4e26b5f4b99 Error! Cannot read input picture file '/tmp/da030ffb-2c8c-4b43-98d7-d4e26b5f4b99' How continue after error. plumber() did not help.
As we can see - https://devhub.checkmarx.com/cve-details/CVE-2023-4863/ says that package is vulnerable. Description: A Heap-Based Buffer Overflow vulnerability in "libwebp" in versions prior to 1.3.2 allows an attacker to perform an out-of-bounds memory write. The vulnerability could be exploited by a remote attacker via a crafted HTML page, potentially leading to unauthorized code execution or a denial of service condition. To exploit the vulnerability, the user must be able to manipulate the value in "color_cache_bits". This package is used by various applications that are also affected if a vulnerable version of "libwebp" is in use, including Google Chrome in versions prior to 116.0.5845.187.**
Repository: sindresorhus/gulp-webp. Description: Convert images to WebP Stars: 219, Forks: 18. Primary language: JavaScript. Languages: JavaScript (100%). License: MIT. Topics: convert-images, gulp-plugin, image-processing, javascript, nodejs, webp. Latest release: v5.1.0 (9mo ago). Open PRs: 0, open issues: 0. Last activity: 9mo ago. Community health: 71%. Top contributors: sindresorhus, courtneypattison, yocontra, kevva, shinnn.