VulnerableCode Package Details - pkg:nuget/CefSharp.Common.NETCore@99.2.140

Search for packages

Vulnerability	Summary	Fixed by
VCID-rhqa-79fn-kka5 Aliases: GHSA-4c29-gfrp-g6x9 GMS-2023-3094 GMS-2023-3096	CefSharp affected by libvpx's heap buffer overflow in vp8 encoding Google is aware that an exploit for CVE-2023-5217 exists in the wild. Description Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) References - https://www.cve.org/CVERecord?id=CVE-2023-5217 - https://nvd.nist.gov/vuln/detail/CVE-2023-5217	117.2.20 Affected by 0 other vulnerabilities.
VCID-v6vr-5eq9-w7ch Aliases: GHSA-j646-gj5p-p45g GMS-2023-2464 GMS-2023-2465	CefSharp affected by heap buffer overflow in WebP Google is aware that an exploit for [CVE-2023-4863](https://www.cve.org/CVERecord?id=CVE-2023-4863) exists in the wild. ### Description Heap buffer overflow in WebP in Google Chrome prior to 116.0.5845.187 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical) ### References - https://www.cve.org/CVERecord?id=CVE-2023-4863 - https://nvd.nist.gov/vuln/detail/CVE-2023-4863 - https://www.techtarget.com/searchsecurity/news/366551978/Browser-companies-patch-critical-zero-day-vulnerability --- Updated There is another related security vulnerability. > There's another related CVE ([CVE-2023-5217](https://nvd.nist.gov/vuln/detail/CVE-2023-5217)) that is fixed in Chromium 117.0.5938.132. This one is triggered by WebCodecs API encoder usage, so a workaround for older versions is to disable the WebCodecs API (`--disable-blink-features=WebCodecs`). As per https://magpcss.org/ceforum/viewtopic.php?f=6&t=19551#p54150	116.0.230 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}

Vulnerability

Summary

Fixed by

VCID-rhqa-79fn-kka5
Aliases:
GHSA-4c29-gfrp-g6x9
GMS-2023-3094
GMS-2023-3096

CefSharp affected by libvpx's heap buffer overflow in vp8 encoding Google is aware that an exploit for CVE-2023-5217 exists in the wild. Description Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) References - https://www.cve.org/CVERecord?id=CVE-2023-5217 - https://nvd.nist.gov/vuln/detail/CVE-2023-5217

117.2.20
Affected by 0 other vulnerabilities.

VCID-v6vr-5eq9-w7ch
Aliases:
GHSA-j646-gj5p-p45g
GMS-2023-2464
GMS-2023-2465

CefSharp affected by heap buffer overflow in WebP **Google is aware that an exploit for [CVE-2023-4863](https://www.cve.org/CVERecord?id=CVE-2023-4863) exists in the wild.** ### Description Heap buffer overflow in WebP in Google Chrome prior to 116.0.5845.187 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical) ### References - https://www.cve.org/CVERecord?id=CVE-2023-4863 - https://nvd.nist.gov/vuln/detail/CVE-2023-4863 - https://www.techtarget.com/searchsecurity/news/366551978/Browser-companies-patch-critical-zero-day-vulnerability --- **Updated** There is another related security vulnerability. > There's another related CVE ([CVE-2023-5217](https://nvd.nist.gov/vuln/detail/CVE-2023-5217)) that is fixed in Chromium 117.0.5938.132. This one is triggered by WebCodecs API encoder usage, so a workaround for older versions is to disable the WebCodecs API (`--disable-blink-features=WebCodecs`). As per https://magpcss.org/ceforum/viewtopic.php?f=6&t=19551#p54150

116.0.230
Affected by 1 other vulnerability.

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Vulnerability

Summary

Aliases

This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-08-01T11:22:02.511816+00:00	GitLab Importer	Affected by	VCID-rhqa-79fn-kka5	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/CefSharp.Common.NETCore/GMS-2023-3096.yml	37.0.0
2025-08-01T11:20:56.617791+00:00	GitLab Importer	Affected by	VCID-v6vr-5eq9-w7ch	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/CefSharp.Common.NETCore/GMS-2023-2465.yml	37.0.0

2025-08-01T11:22:02.511816+00:00

GitLab Importer

Affected by

VCID-rhqa-79fn-kka5

https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/CefSharp.Common.NETCore/GMS-2023-3096.yml

37.0.0

2025-08-01T11:20:56.617791+00:00

GitLab Importer

Affected by

VCID-v6vr-5eq9-w7ch

https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/CefSharp.Common.NETCore/GMS-2023-2465.yml

37.0.0

Next non-vulnerable version	117.2.20
Latest non-vulnerable version	117.2.20
Risk	4.5