Integer Overflow

libvpx.so is vulnerable to Integer Overflow. The vulnerability is caused by calling large values of the dw, dh, or align parameter in the functions vpximgalloc and vpximgwrap, leading to invalid buffer sizes and offsets...

Buffer Overflow

libvpx.so is vulnerable to Buffer Overflow. The vulnerability is due to the vp9alloccontextbuffers function in vp9alloccommon.c and the vp9changeconfig function in vp9encoder.c. There are no proper validation or handling for dynamic memory allocations when processing certain specially formatted...

Denial Of Service (DoS)

libvpx.so is vulnerable to denial of service DoS. The vulnerability exists because of lack of proper validation of input parameters in mkvparser.cc, leading to a resource consumption and application crash...

Information Disclosure

libvpx.so is vulnerable information disclosure. A lack of proper validation of data length in the function vp8decodeframe of decodeframe.c leads to an out-of-bound reads during the reading of frames, allowing a user without no additional privilege to disclose information if error correction mode ...

Out Of Bounds Read (OOB)

libvpx.so is vulnerable to out-of-bounds read OOB. The vulnerability is caused due to lack of bound checking for fuzzed data index in vp8norm table, leading to an out of bounds read...

Information Disclosure

libvpx.so is vulnerable to information disclosure. The vulnerability exists as malicious user-input is not validated, resulting in a use-after-free in postproc.c and allowing retrieval of confidential information upon a successful exploitation...