rpm package
suse/libvpx&distro=SUSE Linux Enterprise Module for Desktop Applications 15 SP6
pkg:rpm/suse/libvpx&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP6
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-5197 | — | < 1.6.1-150000.6.16.1 | 1.6.1-150000.6.16.1 | Jun 3, 2024 | There exists interger overflows in libvpx in versions prior to 1.14.1. Calling vpx_img_alloc() with a large value of the d_w, d_h, or align parameter may result in integer overflows in the calculations of buffer sizes and offsets and some fields of the returned vpx_image_t struct | ||
| CVE-2023-6349 | — | < 1.6.1-150000.6.16.1 | 1.6.1-150000.6.16.1 | May 27, 2024 | A heap overflow vulnerability exists in libvpx - Encoding a frame that has larger dimensions than the originally configured size with VP9 may result in a heap overflow in libvpx. We recommend upgrading to version 1.13.1 or above |
- CVE-2024-5197Jun 3, 2024affected < 1.6.1-150000.6.16.1fixed 1.6.1-150000.6.16.1
There exists interger overflows in libvpx in versions prior to 1.14.1. Calling vpx_img_alloc() with a large value of the d_w, d_h, or align parameter may result in integer overflows in the calculations of buffer sizes and offsets and some fields of the returned vpx_image_t struct
- CVE-2023-6349May 27, 2024affected < 1.6.1-150000.6.16.1fixed 1.6.1-150000.6.16.1
A heap overflow vulnerability exists in libvpx - Encoding a frame that has larger dimensions than the originally configured size with VP9 may result in a heap overflow in libvpx. We recommend upgrading to version 1.13.1 or above