Fix is to address a critical CVE:
Specific handling of an attacker-controlled VP8 media stream could lead to a heap buffer overflow in the content process. We are aware of this issue being exploited in other products in the wild.
A place to discuss the news and latest developments on the open-source browser Firefox
Fix is to address a critical CVE:
Specific handling of an attacker-controlled VP8 media stream could lead to a heap buffer overflow in the content process. We are aware of this issue being exploited in other products in the wild.
Any idea if it's the same root cause as CVE-2023-4863 (libwebp heap buffer overflow)? WEBP is a derivative of VP8, after all.