MiracleLinux 9 : libvpx-1.9.0-9.el9_6 (AXSA:2025-10541:02)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10541:02 advisory. libvpx: Double-free in libvpx encoder CVE-2025-5283 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory...

TencentOS Server 4: thunderbird (TSSA-2025:0621)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0621 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

AlmaLinux 10 : libvpx (ALSA-2025:9120)

The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:9120 advisory. libvpx: Double-free in libvpx encoder CVE-2025-5283 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory. Note that...

libvpx security update

An update is available for libvpx. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The libvpx packages provide the VP8 SDK, which allows the encoding and decodi...

CLSA-2025-1756928514 libvpx: Fix of CVE-2025-5283

CVE-2025-5283: fix use after free vulnerability in libvpx to prevent potential heap corruption via crafted HTML page...

libvpx security update

An update is available for libvpx. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The libvpx packages provide the VP8 SDK, which allows the encoding and decodin...

RLSA-2025:9119 Important: libvpx security update

The libvpx packages provide the VP8 SDK, which allows the encoding and decoding of the VP8 video codec, commonly used with the WebM multimedia container file format. Security Fixes: libvpx: Double-free in libvpx encoder CVE-2025-5283 For more details about the security issues, including the impac...

Security update for chromium (important)

openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2025:0175-1 Rating: important References: 1243741 Cross-References: CVE-2025-5063 CVE-2025-5064 CVE-2025-5065 CVE-2025-5066 CVE-2025-5067 CVE-2025-5280 CVE-2025-5281 CVE-2025-5283 Affected Products: openSUSE...

Oracle Linux 7 : libvpx (ELSA-2025-9331)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-9331 advisory. 1.3.0-8.0.1 - Fixes CVE-2025-5283 vpxcodecencinitmulti fix double free on init fail Orabug: 38103810 Tenable has extracted the preceding description block...

libvpx security update

1.3.0-8.0.1 - Fixes CVE-2025-5283 vpxcodecencinitmulti fix double free on init fail Orabug: 38103810...

TencentOS Server 4: libvpx (TSSA-2025:0487)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0487 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

TencentOS Server 2: libvpx (TSSA-2025:0503)

The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0503 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities:...

AlmaLinux 9 : libvpx (ALSA-2025:9118)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:9118 advisory. libvpx: Double-free in libvpx encoder CVE-2025-5283 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory. Note that...

AlmaLinux 8 : libvpx (ALSA-2025:9119)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:9119 advisory. libvpx: Double-free in libvpx encoder CVE-2025-5283 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory. Note that...

Updated nss & firefox packages fix security vulnerabilities

CVE-2025-5263: Error handling for script execution was incorrectly isolated from web content, which could have allowed cross-origin leak attacks. CVE-2025-5264: Due to insufficient escaping of the newline character in the “Copy as cURL” feature, an attacker could trick a user into using this...

Alibaba Cloud Linux 3 : 0094: libvpx (ALINUX3-SA-2025:0094)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2025:0094 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2025-5283: Use after free in libvpx in Google...

Important: libvpx

Issue Overview: Use after free in libvpx in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium Duplicate: https://console.harmony.a2z.com/al-cve-eval/cve/TEMP-1106689-EC87F6 CVE-2025-528...

Important: libvpx

Issue Overview: Use after free in libvpx in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium Duplicate: https://console.harmony.a2z.com/al-cve-eval/cve/TEMP-1106689-EC87F6 CVE-2025-528...

Important: libvpx

Issue Overview: Use after free in libvpx in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium Duplicate: https://console.harmony.a2z.com/al-cve-eval/cve/TEMP-1106689-EC87F6 CVE-2025-528...

Important: libvpx

Issue Overview: Use after free in libvpx in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium Duplicate: https://console.harmony.a2z.com/al-cve-eval/cve/TEMP-1106689-EC87F6 CVE-2025-528...