Lucene search
K
WebmprojectLibvpx

6 matches found

CVE
CVE
added 2023/09/28 3:23 p.m.987 views

CVE-2023-5217

CVE-2023-5217 is a heap buffer overflow in VP8 encoding in libvpx (affecting Google Chrome before 117.0.5938.132 and libvpx 1.13.1). A crafted HTML page could remotely trigger heap corruption. Multiple connected sources confirm the vulnerability in libvpx/WebP contexts; Apple’s advisory notes CVE...

8.8CVSS9.2AI score0.34401EPSS
In wild
CVE
CVE
added 2023/09/30 12:0 a.m.523 views

CVE-2023-44488

CVE-2023-44488 affects VP9 in libvpx prior to 1.13.1, where widths are mishandled during encoding, causing a crash. The CVE is documented across multiple sources including the libvpx 1.13.1 release and related advisories (e.g., ALAS2-2025-2960, CBLMariner). The issue is tied to libvpx’s handling ...

7.5CVSS7.9AI score0.01936EPSS
CVE
CVE
added 2024/06/03 1:30 p.m.135 views

CVE-2024-5197

Summary: Multiple connected advisories confirm CVE-2024-5197 affects libvpx with integer overflows in vpx_img_alloc() and vpx_img_wrap(), leading to overflowed buffer calculations and potentially invalid fields in vpx_image_t for versions prior to 1.14.1. The issue is described across Amazon Linu...

9.1CVSS6.8AI score0.00814EPSS
CVE
CVE
added 2024/05/27 11:26 a.m.112 views

CVE-2023-6349

CVE-2023-6349 (libvpx) describes a heap overflow when VP9 encodes frames wider than the configured size. Connected advisories/plugins confirm libvpx is affected in multiple Linux distributions (e.g., Amazon Linux 2/3, MiracleLinux, TencentOS Server) and commonly reference upgrading to libvpx 1.13...

7.5CVSS7AI score0.00368EPSS
CVE
CVE
added 2010/11/05 10:0 p.m.97 views

CVE-2010-4203

CVE-2010-4203 affects WebM libvpx (VP8 Codec SDK) before 0.9.5 used in Google Chrome prior to 7.0.517.44. An input frame with invalid data can trigger memory corruption, leading to a crash or potential code execution. Multiple advisories (RHSA-2010:0999, ELSA-2010-0999, OpenVAS entries) document ...

10CVSS9.5AI score0.04569EPSS
CVE
CVE
added 2012/02/23 7:0 p.m.50 views

CVE-2012-0823

CVE-2012-0823 affects the VP8 Codec SDK (libvpx) prior to 1.0.0 (code-named “Duclair”). The issue arises from the clamping of motion vectors in SPLITMV blocks, enabling an out-of-bounds read when decoding from a P-frame or from unspecified corrupt input, which can cause an application crash (DoS)...

5CVSS6.5AI score0.02597EPSS