Lucene search
Gentoo FoundationMGASA-2023-0338HistoryDec 04, 2023 - 11:28 a.m.
Updated libvpx packages fix a security vulnerability
2023-12-0411:28:24
Gentoo Foundation
advisories.mageia.org
16
libvpx
security vulnerability
vp9
mishandles widths
crash
encoding
cve-2023-44488
unix}
.
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
6.9
Confidence
Low
EPSS
0.001
Percentile
43.6%
The updated packages fix a security vulnerability VP9 in libvpx before 1.13.1 mishandles widths, leading to a crash related to encoding. (CVE-2023-44488)
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Mageia | 9 | noarch | libvpx | < 1.12.0-1.2 | libvpx-1.12.0-1.2.mga9 |
Related
nessus
nessus
Amazon Linux 2023 : libvpx, libvpx-devel, libvpx-utils (ALAS2023-2023-413)
2023-11-04 00:00:00
RHEL 8 : firefox (RHSA-2023:6190)
2023-10-30 00:00:00
Amazon Linux 2 : thunderbird (ALAS-2023-2294)
2023-10-20 00:00:00
ubuntucve
ubuntucve
CVE-2023-44488
2023-10-02 00:00:00
CVE-2023-6349
2024-05-27 00:00:00
cve
cve
CVE-2023-44488
2023-09-30 20:15:10
cvelist
cvelist
CVE-2023-44488
2023-09-30 00:00:00
openvas
openvas
Mageia: Security Advisory (MGASA-2023-0338)
2023-12-04 00:00:00
Debian: Security Advisory (DSA-5518-1)
2023-10-06 00:00:00
Ubuntu: Security Advisory (USN-6403-1)
2023-10-03 00:00:00
redhatcve
redhatcve
CVE-2023-44488
2023-10-02 20:25:34
prion
prion
Design/Logic Flaw
2023-09-30 20:15:00
amazon
amazon
Medium: thunderbird
2023-10-12 15:09:00
osv
osv
libvpx - security update
2023-10-05 00:00:00
CVE-2023-44488
2023-09-30 20:15:10
libvpx vulnerabilities
2023-10-23 15:46:57
nvd
nvd
CVE-2023-44488
2023-09-30 20:15:10
redhat
redhat
(RHSA-2023:6190) Important: firefox security update
2023-10-30 16:34:00
(RHSA-2023:6192) Important: thunderbird security update
2023-10-30 16:36:21
(RHSA-2023:5534) Important: libvpx security update
2023-10-09 09:49:38
vulnrichment
vulnrichment
CVE-2023-44488
2023-09-30 00:00:00
debiancve
debiancve
CVE-2023-44488
2023-09-30 20:15:10
cbl_mariner
cbl_mariner
CVE-2023-44488 affecting package libvpx for versions less than 1.13.1-1
2023-11-08 04:19:08
redos
redos
ROS-20231016-02
2023-10-16 00:00:00
alpinelinux
alpinelinux
CVE-2023-44488
2023-09-30 20:15:10
veracode
veracode
Buffer Overflow
2023-10-10 06:26:44
debian
debian
[SECURITY] [DSA 5518-1] libvpx security update
2023-10-05 19:18:38
[SECURITY] [DLA 3598-1] libvpx security update
2023-10-01 20:17:06
ubuntu
ubuntu
libvpx vulnerabilities
2023-11-01 00:00:00
libvpx vulnerabilities
2023-10-02 00:00:00
libvpx vulnerabilities
2023-10-23 00:00:00
oraclelinux
oraclelinux
libvpx security update
2023-10-10 00:00:00
libvpx security update
2023-10-11 00:00:00
thunderbird security update
2023-10-31 00:00:00
fedora
fedora
[SECURITY] Fedora 37 Update: libvpx-1.12.0-4.fc37
2023-10-23 01:25:02
gentoo
gentoo
libvpx: Multiple Vulnerabilities
2023-10-04 00:00:00
cloudfoundry
cloudfoundry
USN-6403-1: libvpx vulnerabilities | Cloud Foundry
2023-10-05 00:00:00
almalinux
almalinux
Important: libvpx security update
2023-10-09 00:00:00
Important: libvpx security update
2023-10-09 00:00:00
Important: firefox security update
2023-10-30 00:00:00
rocky
rocky
firefox security update
2023-11-11 23:00:15
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
6.9
Confidence
Low
EPSS
0.001
Percentile
43.6%
Related for MGASA-2023-0338