this post was submitted on 29 Sep 2023
404 points (95.1% liked)

Technology

59223 readers
3330 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
 

Any Chromium and Firefox browser prior to version 116 will be vulnerable to this, update your browsers.

you are viewing a single comment's thread
view the rest of the comments
[–] bappity@lemmy.world 39 points 1 year ago (3 children)
[–] seaQueue@lemmy.world 20 points 1 year ago* (last edited 1 year ago) (1 children)

It's last week's big libwebp vulnerability again.

Edit: this underlying vuln is why last week's CVE was such a big deal, anything using webp is at risk including a whole big pile of electron apps that everyone uses.

[–] GamingChairModel@lemmy.world 15 points 1 year ago

Sorta. OP just linked the full disclosure of the libwebp vulnerability that made the news 2 weeks ago.

But there's an even more recent vulnerability in libvpx that was announced this week, that is similar in a lot of ways (including severity).