8 matches found
JLSEC-2026-377
There exists interger overflows in libvpx in versions prior to 1.14.1. Calling vpximgalloc with a large value of the dw, dh, or align parameter may result in integer overflows in the calculations of buffer sizes and offsets and some fields of the returned vpximaget struct may be invalid. Calling...
Moderate: Red Hat Security Advisory: libvpx security update
An update for libvpx is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
libvpx: Integer overflow in vpx_img_alloc()
A flaw was found in libvpx. When creating images, libvpx trusts the width, height, and alignment of the user input. However, it does not properly validate the provided values. This flaw allows an attacker to craft user inputs or trick the user into opening crafted files, where these types of valu...
RHEL 9 : libvpx (RHSA-2025:14138)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:14138 advisory. The libvpx packages provide the VP8 SDK, which allows the encoding and decoding of the VP8 video codec, commonly used with the WebM multimedia...
Astra Linux – Vulnerability in libvpx
There are integer overflows in the libvpx library in versions prior to 1.14.1. Calling vpximgalloc with a large value of the dw, dh, or align parameter may lead to integer overflows in the calculations of buffer sizes and offsets, and some fields of the returned vpximaget struct may become invali...
OESA-2024-1716 libvpx security update
libvpx provides the VP8/VP9 SDK, which allows you to integrate your applications with the VP8 and VP9 video codecs, high quality, royalty free, open source codecs deployed on millions of computers and devices worldwide. Security Fixes: There exists interger overflows in libvpx in versions prior t...
The vulnerability of the vpx_img_alloc() function in the libvpx video encoding/decoding library allows a perpetrator to execute arbitrary code.
The vulnerability of the vpximgalloc function in the libvpx video encoding/decoding library is related to integer overflow. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code by sending specially crafted data...
DEBIAN-CVE-2024-5197
There exists interger overflows in libvpx in versions prior to 1.14.1. Calling vpximgalloc with a large value of the dw, dh, or align parameter may result in integer overflows in the calculations of buffer sizes and offsets and some fields of the returned vpximaget struct may be invalid. Calling...