A zero-day vulnerability, CVE-2023-5217, is actively exploited and has been patched in both Google Chrome and Firefox browsers. CVE-2023-5217 is a Heap buffer overflow vulnerability discovered in the vp8 encoding component of libvpx, which has the potential to allow the execution of arbitrary code on the targeted system. Additionally, Google addressed multiple security issues including CVE-2023-5186, CVE-2023-5187, and CVE-2023-5217. All CVE-2023-5186, CVE-2023-5187 and CVE-2023-5217 are use-after-free flaws and they could also lead to arbitrary code execution.
Get through updates and upcoming events, and more directly in your inbox