{ "version": "1", "package": [ { "name": "libvpx", "layer": "meta-oe", "version": "1.14.0", "products": [ { "product": "libvpx", "cvesInRecord": "Yes" } ], "issue": [ { "id": "CVE-2010-4203", "summary": "WebM libvpx (aka the VP8 Codec SDK) before 0.9.5, as used in Google Chrome before 7.0.517.44, allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via invalid frames.", "scorev2": "10.0", "scorev3": "9.8", "scorev4": "0.0", "vector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "status": "Patched", "link": "https://nvd.nist.gov/vuln/detail/CVE-2010-4203" }, { "id": "CVE-2012-0823", "summary": "VP8 Codec SDK (libvpx) before 1.0.0 \"Duclair\" allows remote attackers to cause a denial of service (application crash) via (1) unspecified \"corrupt input\" or (2) by \"starting decoding from a P-frame,\" which triggers an out-of-bounds read, related to \"the clamping of motion vectors in SPLITMV blocks\".", "scorev2": "5.0", "scorev3": "0.0", "scorev4": "0.0", "vector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "status": "Patched", "link": "https://nvd.nist.gov/vuln/detail/CVE-2012-0823" }, { "id": "CVE-2023-44488", "summary": "VP9 in libvpx before 1.13.1 mishandles widths, leading to a crash related to encoding.", "scorev2": "0.0", "scorev3": "7.5", "scorev4": "0.0", "vector": "NETWORK", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "status": "Patched", "link": "https://nvd.nist.gov/vuln/detail/CVE-2023-44488" }, { "id": "CVE-2023-5217", "summary": "Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)", "scorev2": "0.0", "scorev3": "8.8", "scorev4": "0.0", "vector": "NETWORK", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "status": "Patched", "link": "https://nvd.nist.gov/vuln/detail/CVE-2023-5217" }, { "id": "CVE-2023-6349", "summary": "A heap overflow vulnerability exists in libvpx -\u00a0Encoding a frame that has larger dimensions than the originally configured size with VP9 may result in a heap overflow in libvpx.\nWe recommend upgrading to version 1.13.1 or above", "scorev2": "0.0", "scorev3": "7.5", "scorev4": "5.7", "vector": "NETWORK", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "status": "Patched", "link": "https://nvd.nist.gov/vuln/detail/CVE-2023-6349" }, { "id": "CVE-2024-5197", "summary": "There exists interger overflows in libvpx in versions prior to 1.14.1.\u00a0Calling vpx_img_alloc()\u00a0with a large value of the d_w, d_h, or align\u00a0parameter may result in integer overflows in the calculations of buffer sizes and offsets and some fields of the returned vpx_image_t\u00a0struct may be invalid.\u00a0Calling vpx_img_wrap()\u00a0with a large value of the d_w, d_h, or stride_align\u00a0parameter may result in integer overflows in the calculations of buffer sizes and offsets and some fields of the returned vpx_image_t\u00a0struct may be invalid. We recommend upgrading to version 1.14.1 or beyond", "scorev2": "0.0", "scorev3": "9.1", "scorev4": "5.9", "vector": "NETWORK", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "status": "Unpatched", "link": "https://nvd.nist.gov/vuln/detail/CVE-2024-5197" } ] } ] }