32 matches found
MiracleLinux 9 : libvpx-1.9.0-8.el9_5 (AXSA:2024-9404:02)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-9404:02 advisory. libvpx: Integer overflow in vpximgalloc CVE-2024-5197 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory...
MiracleLinux 8 : libvpx-1.7.0-11.el8_10 (AXSA:2024-8736:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8736:01 advisory. libvpx: Heap buffer overflow related to VP9 encoding CVE-2023-6349 libvpx: Integer overflow in vpximgalloc CVE-2024-5197 Tenable has extracted the...
Amazon Linux 2 : libvpx, --advisory ALAS2-2025-3015 (ALAS-2025-3015)
The version of libvpx installed on the remote host is prior to 1.9.0-5. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-3015 advisory. There exists interger overflows in libvpx in versions prior to 1.14.1. Calling vpximgalloc with a large value of the dw, dh, or alig...
Medium: libvpx
Issue Overview: There exists interger overflows in libvpx in versions prior to 1.14.1. Calling vpximgalloc with a large value of the dw, dh, or align parameter may result in integer overflows in the calculations of buffer sizes and offsets and some fields of the returned vpximaget struct may be...
Medium: libvpx
Issue Overview: A heap overflow vulnerability exists in libvpx - Encoding a frame that has larger dimensions than the originally configured size with VP9 may result in a heap overflow in libvpx. We recommend upgrading to version 1.13.1 or above CVE-2023-6349 There exists interger overflows in...
TencentOS Server 3: libvpx (TSSA-2024:0433)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0433 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
NewStart CGSL MAIN 7.02 : libvpx Vulnerability (NS-SA-2025-0071)
The remote NewStart CGSL host, running version MAIN 7.02, has libvpx packages installed that are affected by a vulnerability: - There exists interger overflows in libvpx in versions prior to 1.14.1. Calling vpximgalloc with a large value of the dw, dh, or align parameter may result in integer...
Alibaba Cloud Linux 3 : 0177: libvpx (ALINUX3-SA-2024:0177)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2024:0177 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2023-6349: A heap overflow vulnerabili...
RockyLinux 9 : libvpx (RLSA-2024:9827)
The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:9827 advisory. libvpx: Integer overflow in vpximgalloc CVE-2024-5197 Tenable has extracted the preceding description block directly from the RockyLinux security advisory. Note...
Linux Distros Unpatched Vulnerability : CVE-2024-5197
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There exists interger overflows in libvpx in versions prior to 1.14.1. Calling vpximgalloc with a large value of the dw, dh, or align parameter may result in...
Ubuntu: Security Advisory (USN-7249-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
RHEL 9 : libvpx (RHSA-2024:9827)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:9827 advisory. The libvpx packages provide the VP8 SDK, which allows the encoding and decoding of the VP8 video codec, commonly used with the WebM multimedia...
Oracle Linux 9 : libvpx (ELSA-2024-9827)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-9827 advisory. 1.9.0-8 - Add patch to fix integer overflows. - Disable LTO to fix build - Resolves: RHEL-58144 Tenable has extracted the preceding description block directly...
Moderate: libvpx security update
The libvpx packages provide the VP8 SDK, which allows the encoding and decoding of the VP8 video codec, commonly used with the WebM multimedia container file format. Security Fixes: libvpx: Integer overflow in vpximgalloc CVE-2024-5197 For more details about the security issues, including the...
ALSA-2024:9827 Moderate: libvpx security update
The libvpx packages provide the VP8 SDK, which allows the encoding and decoding of the VP8 video codec, commonly used with the WebM multimedia container file format. Security Fixes: libvpx: Integer overflow in vpximgalloc CVE-2024-5197 For more details about the security issues, including the...
Advisory ROSA-SA-2024-2495
Software: libvpx 1.7.0 OS: ROSA Virtualization 2.1 packageevrstring: libvpx-1.7.0-11.rv3 CVE-ID: CVE-2023-44488 BDU-ID: 2023-06350 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the libvpx multimedia library is related to incorrect handling of exceptional states when processing certain special form...
AlmaLinux 8 : libvpx (ALSA-2024:5941)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:5941 advisory. libvpx: Heap buffer overflow related to VP9 encoding CVE-2023-6349 libvpx: Integer overflow in vpximgalloc CVE-2024-5197 Tenable has extracted the precedi...
ALSA-2024:5941 Moderate: libvpx security update
The libvpx packages provide the VP8 SDK, which allows the encoding and decoding of the VP8 video codec, commonly used with the WebM multimedia container file format. Security Fixes: libvpx: Heap buffer overflow related to VP9 encoding CVE-2023-6349 libvpx: Integer overflow in vpximgalloc...
RHEL 8 : libvpx (RHSA-2024:5941)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:5941 advisory. The libvpx packages provide the VP8 SDK, which allows the encoding and decoding of the VP8 video codec, commonly used with the WebM multimed...
Amazon Linux 2 : firefox (ALASFIREFOX-2024-028)
The version of firefox installed on the remote host is prior to 115.13.0-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2FIREFOX-2024-028 advisory. There exists interger overflows in libvpx in versions prior to 1.14.1. Calling vpximgalloc with a large value of the dw, d...