EUVD-2025-25234

Malicious code in bioql PyPI...

libvpx: Double-free in libvpx encoder

A flaw was found in libvpx. A double-free issue can occur in vpxcodecencinitmulti after a failed allocation when initializing the encoder for WebRTC. This can cause memory corruption and an exploitable crash...

libvpx: Double-free in libvpx encoder

A flaw was found in libvpx. A double-free issue can occur in vpxcodecencinitmulti after a failed allocation when initializing the encoder for WebRTC. This can cause memory corruption and an exploitable crash...

libvpx: Double-free in libvpx encoder

A flaw was found in libvpx. A double-free issue can occur in vpxcodecencinitmulti after a failed allocation when initializing the encoder for WebRTC. This can cause memory corruption and an exploitable crash...

CVE-2025-5262

A double-free could have occurred in vpxcodecencinitmulti after a failed allocation when initializing the encoder for WebRTC. This could have caused memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird 139 and Thunderbird 128.11...

UBUNTU-CVE-2025-5262

A double-free could have occurred in vpxcodecencinitmulti after a failed allocation when initializing the encoder for WebRTC. This could have caused memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird 139 and Thunderbird 128.11...

CVE-2025-5262

CVE-2025-5262: A double-free in vpx_codec_enc_init_multi after a failed allocation during WebRTC encoder initialization can cause memory corruption and a potentially exploitable crash. Affected: Thunderbird < 139 and Thunderbird

PT-2024-40776 · Libvpx · Libvpx

Name of the Vulnerable Software and Affected Versions: libvpx affected versions not specified Description: The issue is related to a crash caused by a use-of-uninitialized-value error. The crash occurs in the vpx codec peek stream info function, as reported by the OSS-Fuzz tool. Recommendations: ...