Any Chromium and Firefox browser prior to version 116 will be vulnerable to this, update your browsers.

  • Vub@lemmy.world
    link
    fedilink
    English
    arrow-up
    10
    ·
    1 year ago

    Not sure why you only mention Chromium and Firefox in the post text, I can only assume this vulnerability affects ALL browsers. Safari (WebKit based) is, as far as I know, the second most used browser in the world.

    • dwokimmortalus@lemmy.world
      link
      fedilink
      English
      arrow-up
      4
      ·
      1 year ago

      It’s anything implementing .webp support. Though the CVE has been out for nearly two weeks already so most apps have been patched.

      • Marius@lemmy.mariusdavid.fr
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        Actually, it’s specific to libwebp, but many things that decode webp just use this library (for example, decoding webp with the “image” rust crates doesn’t use libwebp. It does use it for encoding thought).