CVE-2023-5217
Google Chromium libvpx Heap Buffer Overflow Vulnerability
CVSS
—
Sin CVSS
EPSS
49.0%
p99
KEV
SÍ
2 oct 2023
Exploit Today
80
0-100
Publicado: — · Última mod.: —
Producto
Google / Chromium libvpx
Vulnerabilidad
Google Chromium libvpx Heap Buffer Overflow Vulnerability
Añadido a KEV
2 oct 2023
Remediar antes de
23 oct 2023
Uso conocido en ransomware
No
Descripción resumida
Google Chromium libvpx contains a heap buffer overflow vulnerability in vp8 encoding that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could impact web browsers using libvpx, including but not limited to Google Chrome.
Acción requerida
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Notas
https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_27.html; https://nvd.nist.gov/vuln/detail/CVE-2023-5217
Sin CVEs relacionados por CWE o producto.