This video from a security researcher says that pretty much every software that uses WebP was affected though, and once the issue was discovered, Google made commits in their own codebase to “fix” it. Which suggests it’s an issue with the upstream source code that Google provided to everyone else.
This video from a security researcher says that pretty much every software that uses WebP was affected though, and once the issue was discovered, Google made commits in their own codebase to “fix” it. Which suggests it’s an issue with the upstream source code that Google provided to everyone else.