Google and Firefox fixes Zero-Day Flaw Exploited in the Wild

Threat Level – Red | Vulnerability Report
Download PDF

A zero-day vulnerability, CVE-2023-5217, is actively exploited and has been patched in both Google Chrome and Firefox browsers. CVE-2023-5217 is a Heap buffer overflow vulnerability discovered in the vp8 encoding component of libvpx, which has the potential to allow the execution of arbitrary code on the targeted system. Additionally, Google addressed multiple security issues including CVE-2023-5186, CVE-2023-5187, and CVE-2023-5217. All CVE-2023-5186, CVE-2023-5187 and CVE-2023-5217 are use-after-free flaws and they could also lead to arbitrary code execution.

What’s new on HivePro

Get through updates and upcoming events, and more directly in your inbox