From the article:

Those interested in diving deeper into the technical details of the security problem on libwebp may check this excellent write-up by security analyst Ben Hawkes.
https://blog.isosceles.com/the-webp-0day/