Search for vulnerabilities
| Vulnerability ID | VCID-rhqa-79fn-kka5 |
| Aliases |
GHSA-4c29-gfrp-g6x9
GMS-2023-3094 GMS-2023-3096 |
| Summary | CefSharp affected by libvpx's heap buffer overflow in vp8 encoding Google is aware that an exploit for CVE-2023-5217 exists in the wild. Description Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) References - https://www.cve.org/CVERecord?id=CVE-2023-5217 - https://nvd.nist.gov/vuln/detail/CVE-2023-5217 |
| Status | Published |
| Exploitability | 0.5 |
| Weighted Severity | 8.0 |
| Risk | 4.0 |
| Affected and Fixed Packages | Package Details |
| System | Score | Found at |
|---|---|---|
| cvssv3.1_qr | HIGH | https://github.com/advisories/GHSA-4c29-gfrp-g6x9 |
| generic_textual | HIGH | https://github.com/cefsharp/CefSharp |
| generic_textual | HIGH | https://github.com/cefsharp/CefSharp/commit/45e66f7c0f9094f2fd81ab57b37a9ed9576b51b8 |
| cvssv3.1_qr | HIGH | https://github.com/cefsharp/CefSharp/security/advisories/GHSA-4c29-gfrp-g6x9 |
| generic_textual | HIGH | https://github.com/cefsharp/CefSharp/security/advisories/GHSA-4c29-gfrp-g6x9 |
No EPSS data available for this vulnerability.
| Date | Actor | Action | Source | VulnerableCode Version |
|---|---|---|---|---|
| 2025-07-31T08:40:32.708981+00:00 | GithubOSV Importer | Import | https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/10/GHSA-4c29-gfrp-g6x9/GHSA-4c29-gfrp-g6x9.json | 37.0.0 |