Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:22683
HistoryMar 12, 2020 - 8:25 a.m.

Information Disclosure

2020-03-1208:25:22
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
12

EPSS

0.003

Percentile

68.5%

libvpx.so is vulnerable information disclosure. A lack of proper validation of data length in the function vp8_decode_frame of decodeframe.c leads to an out-of-bound reads during the reading of frames, allowing a user without no additional privilege to disclose information if error correction mode is on.