Vulnerabilities (CVE)

Filtered by vendor Webmproject Subscribe
Filtered by product Libvpx
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-5217 7 Apple, Debian, Fedoraproject and 4 more 12 Ipad Os, Iphone Os, Debian Linux and 9 more 2024-11-21 N/A 8.8 HIGH
Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2023-44488 4 Debian, Fedoraproject, Redhat and 1 more 4 Debian Linux, Fedora, Enterprise Linux and 1 more 2024-11-21 N/A 7.5 HIGH
VP9 in libvpx before 1.13.1 mishandles widths, leading to a crash related to encoding.
CVE-2012-0823 1 Webmproject 1 Libvpx 2024-11-21 5.0 MEDIUM N/A
VP8 Codec SDK (libvpx) before 1.0.0 "Duclair" allows remote attackers to cause a denial of service (application crash) via (1) unspecified "corrupt input" or (2) by "starting decoding from a P-frame," which triggers an out-of-bounds read, related to "the clamping of motion vectors in SPLITMV blocks".
CVE-2010-4203 3 Google, Redhat, Webmproject 5 Chrome, Enterprise Linux Desktop, Enterprise Linux Server and 2 more 2024-11-21 10.0 HIGH 9.8 CRITICAL
WebM libvpx (aka the VP8 Codec SDK) before 0.9.5, as used in Google Chrome before 7.0.517.44, allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via invalid frames.