Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) (CVE-2023-5217)

Impact

There is no impact; F5 products are not affected by this vulnerability.

CPENameOperatorVersion
f5 ssl orchestratoreq14.1.0
f5 ssl orchestratoreq14.1.2
f5 ssl orchestratoreq14.1.4
f5 ssl orchestratoreq15.1.0
f5 ssl orchestratoreq15.1.1
f5 ssl orchestratoreq16.1.0
f5 ssl orchestratoreq16.1.1
f5 ssl orchestratoreq16.1.3
f5 ssl orchestratoreq17.1.0
big-ip afmeq13.1.0

Name	Operator	Version
f5 ssl orchestrator	eq	14.1.0
f5 ssl orchestrator	eq	14.1.2
f5 ssl orchestrator	eq	14.1.4
f5 ssl orchestrator	eq	15.1.0
f5 ssl orchestrator	eq	15.1.1
f5 ssl orchestrator	eq	16.1.0
f5 ssl orchestrator	eq	16.1.1
f5 ssl orchestrator	eq	16.1.3
f5 ssl orchestrator	eq	17.1.0
big-ip afm	eq	13.1.0

Rows per page:

1-10 of 4501

osv 17

fedora 6

prion 1

nessus 68

github 3

openvas 35

kaspersky 7

veracode 1

githubexploit 3

cve 1

mozilla 1

malwarebytes 2

ubuntucve 1

slackware 3

mageia 2

debian 6

redhatcve 1

mscve 1

cisa_kev 1

cvelist 1

nvd 1

freebsd 2

alpinelinux 1

attackerkb 1

debiancve 1

redos 1

cloudfoundry 1

oraclelinux 4

apple 2

gentoo 1

almalinux 3

redhat 10

citrix 1

ubuntu 3

wizblog 1

msrc 1

chrome 1

hivepro 1

rosalinux 1

thn 1

osv

firefox-esr - security update

2023-09-29 00:00:00

firefox-esr - security update

2023-09-30 00:00:00

CVE-2023-5217

2023-09-28 16:15:10

fedora

[SECURITY] Fedora 38 Update: libvpx-1.13.0-5.fc38

2023-10-01 04:55:42

[SECURITY] Fedora 39 Update: libvpx-1.13.0-5.fc39

2023-10-02 00:16:31

[SECURITY] Fedora 37 Update: libvpx-1.12.0-4.fc37

2023-10-23 01:25:02

prion

Heap overflow

2023-09-28 16:15:00

nessus

Debian DSA-5510-1 : libvpx - security update

2023-09-30 00:00:00

Debian DSA-5509-1 : firefox-esr - security update

2023-09-30 00:00:00

Fedora 39 : thunderbird (2023-1afa208698)

2023-11-07 00:00:00

github

Electron affected by libvpx's heap buffer overflow in vp8 encoding

2023-09-28 18:30:45

CefSharp affected by libvpx's heap buffer overflow in vp8 encoding

2023-10-05 13:22:50

CefSharp affected by heap buffer overflow in WebP

2023-09-21 17:11:42

openvas

Debian: Security Advisory (DSA-5509-1)

2023-10-02 00:00:00

openSUSE: Security Advisory for libvpx (SUSE-SU-2023:3948-1)

2024-03-04 00:00:00

SUSE: Security Advisory (SUSE-SU-2023:3950-1)

2023-10-04 00:00:00

kaspersky

KLA60821 DoS vulnerability in Mozilla Firefox ESR

2023-09-28 00:00:00

KLA60820 DoS vulnerability in Mozilla Firefox

2023-09-28 00:00:00

KLA61042 DoS vulnerability in Mozilla Thunderbird

2023-09-28 00:00:00

veracode

Heap Buffer Overflow

2023-10-02 19:10:55

githubexploit

Exploit for Out-of-bounds Write in Webmproject Libvpx

2023-10-06 10:43:38

Exploit for Out-of-bounds Write in Webmproject Libvpx

2023-10-06 05:46:16

Exploit for Out-of-bounds Write in Webmproject Libvpx

2023-10-06 11:01:08

cve

CVE-2023-5217

2023-09-28 16:15:10

mozilla

Security Vulnerability fixed in Firefox 118.0.1, Firefox ESR 115.3.1, Firefox for Android 118.1.0, Firefox Focus for Android 118.1.0, and Thunderbird 115.3.1. — Mozilla

2023-09-28 00:00:00

malwarebytes

Update Chrome now! Google patches another actively exploited vulnerability

2023-09-29 11:15:00

Update now! Apple patches vulnerabilities on iPhone and iPad

2023-10-05 05:00:00

ubuntucve

CVE-2023-5217

2023-09-29 00:00:00

slackware

[slackware-security] mozilla-thunderbird

2023-09-30 21:42:55

[slackware-security] mozilla-firefox

2023-09-28 21:46:24

[slackware-security] libvpx

2023-09-30 21:42:24

mageia

Updated libvpx packages fix security vulnerability

2023-10-02 13:18:07

Updated Firefox and Thunderbird packages fix security vulnerabilities

2023-10-10 20:21:41

debian

[SECURITY] [DSA 5510-1] libvpx security update

2023-09-29 21:10:17

[SECURITY] [DLA 3591-1] firefox-esr security update

2023-09-30 10:16:57

[SECURITY] [DSA 5509-1] firefox-esr security update

2023-09-29 17:55:10

redhatcve

CVE-2023-5217

2023-09-28 14:24:48

mscve

Chromium: CVE-2023-5217 Heap buffer overflow in vp8 encoding in libvpx

2023-09-29 16:24:54

cisa_kev

Google Chromium libvpx Heap Buffer Overflow Vulnerability

2023-10-02 00:00:00

cvelist

CVE-2023-5217

2023-09-28 15:23:18

nvd

CVE-2023-5217

2023-09-28 16:15:10

freebsd

electron{22,24,25} -- Heap buffer overflow in vp8 encoding in libvpx

2023-09-28 00:00:00

chromium -- multiple vulnerabilities

2023-09-27 00:00:00

alpinelinux

CVE-2023-5217

2023-09-28 16:15:10

attackerkb

CVE-2023-5217

2023-09-28 00:00:00

debiancve

CVE-2023-5217

2023-09-28 16:15:10

redos

ROS-20231016-04

2023-10-16 00:00:00

cloudfoundry

USN-6403-1: libvpx vulnerabilities | Cloud Foundry

2023-10-05 00:00:00

oraclelinux

libvpx security update

2023-10-10 00:00:00

libvpx security update

2023-10-11 00:00:00

thunderbird security update

2023-10-13 00:00:00

apple

About the security content of iOS 17.0.3 and iPadOS 17.0.3

2023-10-04 00:00:00

About the security content of iOS 16.7.1 and iPadOS 16.7.1

2023-10-10 00:00:00

gentoo

libvpx: Multiple Vulnerabilities

2023-10-04 00:00:00

almalinux

Important: libvpx security update

2023-10-09 00:00:00

Important: libvpx security update

2023-10-09 00:00:00

Important: firefox security update

2023-10-04 00:00:00

redhat

(RHSA-2023:5535) Important: libvpx security update

2023-10-09 09:50:48

(RHSA-2023:5540) Important: libvpx security update

2023-10-09 09:57:50

(RHSA-2023:5539) Important: libvpx security update

2023-10-09 09:56:54

citrix

Impact of Chromium vulnerabilities CVE-2023-4863 and CVE-2023-5217 on Cloud Software Group products

2023-10-06 20:18:12

ubuntu

libvpx vulnerabilities

2023-11-01 00:00:00

libvpx vulnerabilities

2023-10-02 00:00:00

libvpx vulnerabilities

2023-10-23 00:00:00

wizblog

Critical vulnerabilities in media libraries exploited in the wild: everything you need to know

2023-10-01 13:31:06

msrc

Microsoft’s Response to Open-Source Vulnerabilities - CVE-2023-4863 and CVE-2023-5217

2023-10-02 07:00:00

chrome

Stable Channel Update for Desktop

2023-09-27 00:00:00

hivepro

Google and Firefox fixes Zero-Day Flaw Exploited in the Wild

2023-10-02 06:29:28

rosalinux

Advisory ROSA-SA-2024-2357

2024-02-20 10:26:09

thn

Apple Rolls Out Security Patches for Actively Exploited iOS Zero-Day Flaw

2023-10-05 03:42:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

9.2 High

AI Score

Confidence

High

0.245 Low

EPSS

Percentile

96.7%

JSON

Related for F5:K000137105