Google’s Threat Analysis Group, led by Clément Lecigne, has discovered a high-severity heap buffer overflow vulnerability in the libvpx library, specifically in its VP8 encoding component.
WebM) which was part of the recent Critical fixes made to every web browser, some OS’ and numerous products.
Of particular importance, VLC 3.0.19 (released early just 3 weeks prior) updated the libvpx library (aka.