rpm package
suse/libvpx&distro=SUSE Linux Enterprise Software Development Kit 12 SP5
pkg:rpm/suse/libvpx&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5
Vulnerabilities (4)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-5217 | — | KEV | < 1.3.0-3.12.1 | 1.3.0-3.12.1 | Sep 28, 2023 | Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |
| CVE-2020-0034 | — | < 1.3.0-3.9.1 | 1.3.0-3.9.1 | Mar 10, 2020 | In vp8_decode_frame of decodeframe.c, there is a possible out of bounds read due to improper input validation. This could lead to remote information disclosure if error correction were turned on, with no additional execution privileges needed. User interaction is not needed for e | ||
| CVE-2019-9433 | — | < 1.3.0-3.6.1 | 1.3.0-3.6.1 | Sep 27, 2019 | In libvpx, there is a possible information disclosure due to improper input validation. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A- | ||
| CVE-2019-9232 | — | < 1.3.0-3.6.1 | 1.3.0-3.6.1 | Sep 27, 2019 | In libvpx, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-122 |
- affected < 1.3.0-3.12.1fixed 1.3.0-3.12.1
Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
- CVE-2020-0034Mar 10, 2020affected < 1.3.0-3.9.1fixed 1.3.0-3.9.1
In vp8_decode_frame of decodeframe.c, there is a possible out of bounds read due to improper input validation. This could lead to remote information disclosure if error correction were turned on, with no additional execution privileges needed. User interaction is not needed for e
- CVE-2019-9433Sep 27, 2019affected < 1.3.0-3.6.1fixed 1.3.0-3.6.1
In libvpx, there is a possible information disclosure due to improper input validation. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-
- CVE-2019-9232Sep 27, 2019affected < 1.3.0-3.6.1fixed 1.3.0-3.6.1
In libvpx, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-122