[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

250039

 
 

909

 
 

195882

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2023-44488Date: (C)2023-10-03   (M)2024-02-22


VP9 in libvpx before 1.13.1 mishandles widths, leading to a crash related to encoding.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V3 Severity:CVSS V2 Severity:
CVSS Score : 7.5CVSS Score :
Exploit Score: 3.9Exploit Score:
Impact Score: 3.6Impact Score:
 
CVSS V3 Metrics:CVSS V2 Metrics:
Attack Vector: NETWORKAccess Vector:
Attack Complexity: LOWAccess Complexity:
Privileges Required: NONEAuthentication:
User Interaction: NONEConfidentiality:
Scope: UNCHANGEDIntegrity:
Confidentiality: NONEAvailability:
Integrity: NONE 
Availability: HIGH 
  
Reference:
DSA-5518
FEDORA-2023-f696934fbf
GLSA-202310-04
https://lists.debian.org/debian-lts-announce/2023/10/msg00001.html
http://www.openwall.com/lists/oss-security/2023/09/30/4
https://bugzilla.redhat.com/show_bug.cgi?id=2241806
https://github.com/webmproject/libvpx/commit/263682c9a29395055f3b3afe2d97be1828a6223f
https://github.com/webmproject/libvpx/commit/df9fd9d5b7325060b2b921558a1eb20ca7880937
https://github.com/webmproject/libvpx/compare/v1.13.0...v1.13.1
https://github.com/webmproject/libvpx/releases/tag/v1.13.1

CWE    1
CWE-755
OVAL    31
oval:org.secpod.oval:def:94669
oval:org.secpod.oval:def:1507054
oval:org.secpod.oval:def:1507114
oval:org.secpod.oval:def:1701840
...

© SecPod Technologies