CVE-2023-5217Google Chromium libvpx Heap Buffer Overflow Vulnerability

PUBLISHEDvulnerability record
2023-10-02 · last modified June 21, 2025

Metadata

CVE ID:
CVE-2023-5217
Project:
Google
Product:
Chromium libvpx
Date Added:
2023-10-02
Due Date:
2023-10-23
Last Updated:
June 21, 2025

Vulnerability Name

Google Chromium libvpx Heap Buffer Overflow Vulnerability

Description

Google Chromium libvpx contains a heap buffer overflow vulnerability in vp8 encoding that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could impact web browsers using libvpx, including but not limited to Google Chrome.

Known To Be Used in Ransomware Campaigns?

Ransomware Status:
Unknown

Action

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Additional Notes

Related News Articles

Related Weaknesses