CVE-2023-5217—Google Chromium libvpx Heap Buffer Overflow Vulnerability
PUBLISHEDvulnerability record
2023-10-02 · last modified June 21, 2025
Metadata
Vulnerability Name
Google Chromium libvpx Heap Buffer Overflow Vulnerability
Description
Google Chromium libvpx contains a heap buffer overflow vulnerability in vp8 encoding that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could impact web browsers using libvpx, including but not limited to Google Chrome.
Known To Be Used in Ransomware Campaigns?
Action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.