Incomplete Disclosures by Apple and Google Create “Huge Blindspot” for Zero-Day Hunters
Google’s limited disclosure and the separate CVE designations for the vulnerability by Apple, Google, and Citizen Lab have hindered the detection and patching of the critical vulnerability in other software relying on libwebp.