This library uses its own in-tree version of libwebp, which was last modified 4 years ago. In that time, multiple high-severity CVEs have been found in libwebp. The worst is:
CVE-2023-4863: Out of bounds memory write via a maliciously crafted WebP image (CVE rating of 10/10)
Until this is fixed, this library is vulnerable to said attack and is unsafe to use!
This library uses its own in-tree version of libwebp, which was last modified 4 years ago. In that time, multiple high-severity CVEs have been found in libwebp. The worst is:
CVE-2023-4863: Out of bounds memory write via a maliciously crafted WebP image (CVE rating of 10/10)
Until this is fixed, this library is vulnerable to said attack and is unsafe to use!