CVSS4
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
PASSIVE
CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:P/VC:L/SC:L/VI:H/SI:L/VA:N/SA:N
AI Score
Confidence
Low
EPSS
Percentile
9.0%
Xiantong Hou discovered that libvpx did not properly handle certain
malformed media files. If an application using libvpx opened a specially
crafted file, a remote attacker could cause a denial of service, or
possibly execute arbitrary code.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 24.04 | noarch | libvpx9 | < 1.14.0-1ubuntu2.1 | UNKNOWN |
Ubuntu | 24.04 | noarch | libvpx-dev | < 1.14.0-1ubuntu2.1 | UNKNOWN |
Ubuntu | 24.04 | noarch | libvpx-doc | < 1.14.0-1ubuntu2.1 | UNKNOWN |
Ubuntu | 24.04 | noarch | libvpx9-dbgsym | < 1.14.0-1ubuntu2.1 | UNKNOWN |
Ubuntu | 24.04 | noarch | vpx-tools | < 1.14.0-1ubuntu2.1 | UNKNOWN |
Ubuntu | 24.04 | noarch | vpx-tools-dbgsym | < 1.14.0-1ubuntu2.1 | UNKNOWN |
Ubuntu | 23.10 | noarch | libvpx7 | < 1.12.0-1ubuntu2.1 | UNKNOWN |
Ubuntu | 23.10 | noarch | libvpx-dev | < 1.12.0-1ubuntu2.1 | UNKNOWN |
Ubuntu | 23.10 | noarch | libvpx-doc | < 1.12.0-1ubuntu2.1 | UNKNOWN |
Ubuntu | 23.10 | noarch | libvpx7-dbgsym | < 1.12.0-1ubuntu2.1 | UNKNOWN |