Lucene search
GoogleOSV:GHSA-4C29-GFRP-G6X9HistoryOct 05, 2023 - 1:22 p.m.
CefSharp affected by libvpx's heap buffer overflow in vp8 encoding
2023-10-0513:22:50
Google
osv.dev
18
cefsharp
libvpx
heap buffer overflow
vp8 encoding
google chrome
remote attacker
heap corruption
html page
cve-2023-5217
nist
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS
0.306
Percentile
97.0%
Google is aware that an exploit for CVE-2023-5217 exists in the wild.
Description
Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
References
Related
ubuntucve
ubuntucve
CVE-2023-5217
2023-09-29 00:00:00
slackware
slackware
[slackware-security] mozilla-thunderbird
2023-09-30 21:42:55
[slackware-security] libvpx
2023-09-30 21:42:24
[slackware-security] mozilla-firefox
2023-09-28 21:46:24
nessus
nessus
Mozilla Firefox < 118.0.1
2023-09-28 00:00:00
Slackware Linux 15.0 / current mozilla-thunderbird Vulnerability (SSA:2023-273-02)
2023-09-30 00:00:00
Fedora 39 : libvpx (2023-10ff82e497)
2023-11-07 00:00:00
osv
osv
CVE-2023-5217
2023-09-28 16:15:10
libvpx - security update
2023-09-29 00:00:00
element-desktop-1.11.47-1.1 on GA media
2024-06-15 00:00:00
mageia
mageia
Updated libvpx packages fix security vulnerability
2023-10-02 13:18:07
Updated Firefox and Thunderbird packages fix security vulnerabilities
2023-10-10 20:21:41
openvas
openvas
Debian: Security Advisory (DSA-5510-1)
2023-10-02 00:00:00
Slackware: Security Advisory (SSA:2023-273-02)
2023-10-02 00:00:00
Mozilla Firefox Security Advisory (MFSA2023-44) - Linux
2023-09-29 00:00:00
malwarebytes
malwarebytes
Update Chrome now! Google patches another actively exploited vulnerability
2023-09-29 11:15:00
Update now! Apple patches vulnerabilities on iPhone and iPad
2023-10-05 05:00:00
mozilla
mozilla
kaspersky
kaspersky
KLA60820 DoS vulnerability in Mozilla Firefox
2023-09-28 00:00:00
KLA61042 DoS vulnerability in Mozilla Thunderbird
2023-09-28 00:00:00
KLA61592 DoS vulnerability in Microsoft Office
2023-09-29 00:00:00
cve
cve
CVE-2023-5217
2023-09-28 16:15:10
debian
debian
[SECURITY] [DSA 5510-1] libvpx security update
2023-09-29 21:10:17
[SECURITY] [DLA 3591-1] firefox-esr security update
2023-09-30 10:16:57
[SECURITY] [DSA 5509-1] firefox-esr security update
2023-09-29 17:55:10
f5
f5
K000137105 : libvpx vulnerability CVE-2023-5217
2023-10-03 00:00:00
cisa_kev
cisa_kev
Google Chromium libvpx Heap Buffer Overflow Vulnerability
2023-10-02 00:00:00
redhatcve
redhatcve
CVE-2023-5217
2023-09-28 14:24:48
cvelist
cvelist
CVE-2023-5217
2023-09-28 15:23:18
freebsd
freebsd
electron{22,24,25} -- Heap buffer overflow in vp8 encoding in libvpx
2023-09-28 00:00:00
chromium -- multiple vulnerabilities
2023-09-27 00:00:00
nvd
nvd
CVE-2023-5217
2023-09-28 16:15:10
mscve
mscve
Chromium: CVE-2023-5217 Heap buffer overflow in vp8 encoding in libvpx
2023-09-29 16:24:54
githubexploit
githubexploit
Exploit for Out-of-bounds Write in Webmproject Libvpx
2023-10-06 11:01:08
Exploit for Out-of-bounds Write in Webmproject Libvpx
2023-10-06 05:46:16
Exploit for Out-of-bounds Write in Webmproject Libvpx
2023-10-06 10:43:38
fedora
fedora
[SECURITY] Fedora 39 Update: libvpx-1.13.0-5.fc39
2023-10-02 00:16:31
[SECURITY] Fedora 38 Update: libvpx-1.13.0-5.fc38
2023-10-01 04:55:42
[SECURITY] Fedora 37 Update: libvpx-1.12.0-4.fc37
2023-10-23 01:25:02
attackerkb
attackerkb
CVE-2023-5217
2023-09-28 00:00:00
alpinelinux
alpinelinux
CVE-2023-5217
2023-09-28 16:15:10
github
github
CefSharp affected by libvpx's heap buffer overflow in vp8 encoding
2023-10-05 13:22:50
Electron affected by libvpx's heap buffer overflow in vp8 encoding
2023-09-28 18:30:45
CefSharp affected by heap buffer overflow in WebP
2023-09-21 17:11:42
debiancve
debiancve
CVE-2023-5217
2023-09-28 16:15:10
redos
redos
ROS-20231016-04
2023-10-16 00:00:00
prion
prion
Heap overflow
2023-09-28 16:15:00
veracode
veracode
Heap Buffer Overflow
2023-10-02 19:10:55
redhat
redhat
(RHSA-2023:5535) Important: libvpx security update
2023-10-09 09:50:48
(RHSA-2023:5539) Important: libvpx security update
2023-10-09 09:56:54
(RHSA-2023:5540) Important: libvpx security update
2023-10-09 09:57:50
citrix
citrix
almalinux
almalinux
Important: libvpx security update
2023-10-09 00:00:00
Important: libvpx security update
2023-10-09 00:00:00
Important: thunderbird security update
2023-10-04 00:00:00
oraclelinux
oraclelinux
libvpx security update
2023-10-11 00:00:00
libvpx security update
2023-10-10 00:00:00
thunderbird security update
2023-10-06 00:00:00
ubuntu
ubuntu
libvpx vulnerabilities
2023-10-02 00:00:00
libvpx vulnerabilities
2023-10-23 00:00:00
libvpx vulnerabilities
2023-11-01 00:00:00
apple
apple
About the security content of iOS 16.7.1 and iPadOS 16.7.1
2023-10-10 00:00:00
About the security content of iOS 17.0.3 and iPadOS 17.0.3
2023-10-04 00:00:00
wizblog
wizblog
msrc
msrc
gentoo
gentoo
libvpx: Multiple Vulnerabilities
2023-10-04 00:00:00
cloudfoundry
cloudfoundry
USN-6403-1: libvpx vulnerabilities | Cloud Foundry
2023-10-05 00:00:00
hivepro
hivepro
Google and Firefox fixes Zero-Day Flaw Exploited in the Wild
2023-10-02 06:29:28
chrome
chrome
Stable Channel Update for Desktop
2023-09-27 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2024-2357
2024-02-20 10:26:09
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS
0.306
Percentile
97.0%
Related for OSV:GHSA-4C29-GFRP-G6X9