In case you missed the news, there's a critical 0day in WebP (a heap buffer overflow in the libwepb library) floating about, which was initially issued as
If I understand the article right, it’s more of a no-click hack for any single app that the attacker cat get to display an image. Stepping out of the app’s sandbox would need another exploit.
Still bad enough though.
If I understand the article right, it’s more of a no-click hack for any single app that the attacker cat get to display an image. Stepping out of the app’s sandbox would need another exploit.
Still bad enough though.