Google Chrome versions before 1.132 are affected by this vulnerability. Libvpx is a free software video codec library from Google and the Alliance for Open Media (AOMedia).ĬVE-2023-5186 is a use after free vulnerability existing in Passwords.ĬVE-2023-5187 is a use after free vulnerability in Extensions.ĬISA has added the CVE-2023-5217 to its Known Exploited Vulnerabilities Catalog and requested users to patch it before October 23, 2023. However, specifically for Google Chrome, this vulnerability is tracked as CVE-2023-4863.ĬVE-2023-5217 is a heap buffer overflow vulnerability in VP8 compression format in libvpx. Google has made an update related to CVE-2023-4863 by providing a new identifier for this vulnerability, CVE-2023-5129. CVE-2023-2136 (April) – Integer overflow in Skia.CVE-2023-4863 (August) – Heap buffer overflow in WebP.In this batch of updates, Google has also addressed two more high-severity vulnerabilities, CVE-2023-5186 and CVE-2023-51987.ĬVE-2023-5217 is the fifth zero-day vulnerability addressed by Google Chrome since the start of the year. Google has mentioned in the advisory that the vulnerability is being exploited in the wild.Ĭlément Lecigne of Google’s Threat Analysis Group (TAG) has discovered the vulnerability. CVE-2023-5217 is a high-severity vulnerability that can lead to program crashes or arbitrary code execution. Google has released emergency updates to address a zero-day vulnerability in its Chrome browser.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |