Amazon Linux 2023 : libvpx, libvpx-devel, libvpx-utils (ALAS2023-2025-1207)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1207 advisory. A heap overflow vulnerability exists in libvpx - Encoding a frame that has larger dimensions than the originally configured size with VP9 may result in a heap overflow in libvpx.We recommend...

Medium: libvpx

Issue Overview: A heap overflow vulnerability exists in libvpx - Encoding a frame that has larger dimensions than the originally configured size with VP9 may result in a heap overflow in libvpx. We recommend upgrading to version 1.13.1 or above CVE-2023-6349 There exists interger overflows in...

UBUNTU-CVE-2023-6349

A heap overflow vulnerability exists in libvpx - Encoding a frame that has larger dimensions than the originally configured size with VP9 may result in a heap overflow in libvpx. We recommend upgrading to version 1.13.1 or above...

PT-2024-22322 · Judge0 · Judge0

Name of the Vulnerable Software and Affected Versions: Judge0 versions prior to 1.13.1 Description: The issue arises from the application's use of the UNIX chown command on an untrusted file within the sandbox. An attacker can exploit this by creating a symbolic link symlink to a file outside the...

PT-2024-22675 · Judge0 · Judge0

Name of the Vulnerable Software and Affected Versions: Judge0 versions prior to 1.13.1 Description: The default configuration of Judge0 leaves the service vulnerable to a sandbox escape via Server Side Request Forgery SSRF. This allows an attacker with sufficient access to the Judge0 API to obtai...