Article - CS402981
Windchill Workgroup Manager and Google Chrome (CVE-2023-4863)
Modified: 02-Apr-2024
Applies To
- Windchill PDMLink 12.0.2.0 to 13.0.0.0
- Windchill ProjectLink 12.0.2.0 to 13.0.0.0
- Windchill Workgroup Manager 13.0.0.0 and earlier
Description
- Is Windchill Workgroup Manager (WWGM) impacted by the CVE-2023-4863 Heap buffer overflow in WebP Vulnerability reported for Chromium Embedded Framework
- Windchill Workgroup Manager uses the Embedded Browser to interact with Windchill, which may use Chrome (Chromium Embedded Framework) in the following situations:
- WWGM 12.1.0.0 and older with uwgmclient.ini setting windows.browser.type set to chromium_browser
- WWGM 12.1.0.1+
- Limited details are being made available from Google for this CVE
This is a printer-friendly version of Article 402981 and may be out of date. For the latest version click CS402981