Information on source package libvpx

Available versions

ReleaseVersion
jessie1.3.0-3+deb8u5
stretch1.6.1-3+deb9u6
stretch (security)1.6.1-3+deb9u3
buster1.7.0-3+deb10u1
buster (security)1.7.0-3+deb10u3
bullseye1.9.0-1+deb11u2
bookworm1.12.0-1+deb12u2
trixie1.14.1-1
sid1.14.1-1

Open issues

BugjessiestretchbusterbullseyebookwormtrixiesidDescription
CVE-2024-5197fixedfixedfixedvulnerablevulnerablefixedfixedThere exists interger overflows in libvpx in versions prior to 1.14.1. ...
CVE-2019-9371fixedvulnerable (no DSA, ignored)fixedfixedfixedfixedfixedIn libvpx, there is a possible resource exhaustion due to improper inp ...
CVE-2016-6712vulnerable (no DSA, ignored)fixedfixedfixedfixedfixedfixedA remote denial of service vulnerability in libvpx in Mediaserver in A ...

Open unimportant issues

BugjessiestretchbusterbullseyebookwormtrixiesidDescription
CVE-2017-0641vulnerablevulnerablevulnerablevulnerablevulnerablevulnerablevulnerableA remote denial of service vulnerability in libvpx in Mediaserver coul ...
CVE-2015-4506vulnerablefixedfixedfixedfixedfixedfixedBuffer overflow in the vp9_init_context_buffers function in libvpx, as ...
CVE-2015-1258vulnerablefixedfixedfixedfixedfixedfixedGoogle Chrome before 43.0.2357.65 relies on libvpx code that was not b ...

Resolved issues

BugDescription
CVE-2023-44488VP9 in libvpx before 1.13.1 mishandles widths, leading to a crash rela ...
CVE-2023-6349A heap overflow vulnerability exists in libvpx -Encoding a frame that ...
CVE-2023-5217Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior ...
CVE-2020-0034In vp8_decode_frame of decodeframe.c, there is a possible out of bound ...
CVE-2019-9433In libvpx, there is a possible information disclosure due to improper ...
CVE-2019-9325In libvpx, there is a possible out of bounds read due to a missing bou ...
CVE-2019-9232In libvpx, there is a possible out of bounds read due to a missing bou ...
CVE-2017-13194A vulnerability in the Android media framework (libvpx) related to odd ...
CVE-2017-0393A denial of service vulnerability in libvpx in Mediaserver could enabl ...
CVE-2016-6711A remote denial of service vulnerability in libvpx in Mediaserver in A ...
CVE-2016-3881The decoder_peek_si_internal function in vp9/vp9_dx_iface.c in libvpx ...
CVE-2016-2464libvpx in libwebm in mediaserver in Android 4.x before 4.4.4, 5.0.x be ...
CVE-2016-1972Race condition in libvpx in Mozilla Firefox before 45.0 on Windows mig ...
CVE-2016-1621libvpx in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LM ...
CVE-2015-4486The decrease_ref_count function in libvpx in Mozilla Firefox before 40 ...
CVE-2015-4485Heap-based buffer overflow in the resize_context_buffers function in l ...
CVE-2014-1578The get_tile function in Mozilla Firefox before 33.0, Firefox ESR 31.x ...
CVE-2012-0823VP8 Codec SDK (libvpx) before 1.0.0 "Duclair" allows remote attackers ...
CVE-2010-4489libvpx, as used in Google Chrome before 8.0.552.215 and possibly other ...
CVE-2010-4203WebM libvpx (aka the VP8 Codec SDK) before 0.9.5, as used in Google Ch ...

Security announcements

DSA / DLADescription
ELA-1112-1libvpx - security update
DLA-3830-1libvpx - security update
DSA-5518-1libvpx - security update
ELA-975-1libvpx - security update
DLA-3598-1libvpx - security update
ELA-973-1libvpx - security update
DSA-5510-1libvpx - security update
DLA-2829-1libvpx - security update
DLA-2136-1libvpx - security update
DSA-4578-1libvpx - security update
DLA-2012-1libvpx - security update
DSA-4132-1libvpx - security update
DLA-1290-1libvpx - security update

Search for package or bug name: Reporting problems