Firefox 118.1 released
Firefox 118.1 released
www.mozilla.org Security Vulnerability fixed in Firefox 118.0.1, Firefox ESR 115.3.1, Firefox for Android 118.1.0, and Firefox Focus for Android 118.1.0.
3 comments
-
Fix is to address a critical CVE:
Specific handling of an attacker-controlled VP8 media stream could lead to a heap buffer overflow in the content process. We are aware of this issue being exploited in other products in the wild.
-
Any idea if it's the same root cause as CVE-2023-4863 (libwebp heap buffer overflow)? WEBP is a derivative of VP8, after all.
-
It is apparently a new one in libvpx
-
-