Information on source package libvpx

Available versions

ReleaseVersion
stretch1.6.1-3+deb9u2
stretch (security)1.6.1-3+deb9u3
buster1.7.0-3+deb10u1
bullseye1.9.0-1
bookworm1.11.0-2
sid1.11.0-2

Open issues

BugstretchbusterbullseyebookwormsidDescription
CVE-2019-9371vulnerable (no DSA, ignored)fixedfixedfixedfixedIn libvpx, there is a possible resource exhaustion due to improper inp ...

Open unimportant issues

BugstretchbusterbullseyebookwormsidDescription
CVE-2017-0641vulnerablevulnerablevulnerablevulnerablevulnerableA remote denial of service vulnerability in libvpx in Mediaserver coul ...

Resolved issues

BugDescription
CVE-2020-0034In vp8_decode_frame of decodeframe.c, there is a possible out of bound ...
CVE-2019-9433In libvpx, there is a possible information disclosure due to improper ...
CVE-2019-9325In libvpx, there is a possible out of bounds read due to a missing bou ...
CVE-2019-9232In libvpx, there is a possible out of bounds read due to a missing bou ...
CVE-2017-13194A vulnerability in the Android media framework (libvpx) related to odd ...
CVE-2017-0393A denial of service vulnerability in libvpx in Mediaserver could enabl ...
CVE-2016-6712A remote denial of service vulnerability in libvpx in Mediaserver in A ...
CVE-2016-6711A remote denial of service vulnerability in libvpx in Mediaserver in A ...
CVE-2016-3881The decoder_peek_si_internal function in vp9/vp9_dx_iface.c in libvpx ...
CVE-2016-2464libvpx in libwebm in mediaserver in Android 4.x before 4.4.4, 5.0.x be ...
CVE-2016-1972Race condition in libvpx in Mozilla Firefox before 45.0 on Windows mig ...
CVE-2016-1621libvpx in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LM ...
CVE-2015-4506Buffer overflow in the vp9_init_context_buffers function in libvpx, as ...
CVE-2015-4486The decrease_ref_count function in libvpx in Mozilla Firefox before 40 ...
CVE-2015-4485Heap-based buffer overflow in the resize_context_buffers function in l ...
CVE-2015-1258Google Chrome before 43.0.2357.65 relies on libvpx code that was not b ...
CVE-2014-1578The get_tile function in Mozilla Firefox before 33.0, Firefox ESR 31.x ...
CVE-2012-0823VP8 Codec SDK (libvpx) before 1.0.0 "Duclair" allows remote attackers ...
CVE-2010-4489libvpx, as used in Google Chrome before 8.0.552.215 and possibly other ...
CVE-2010-4203WebM libvpx (aka the VP8 Codec SDK) before 0.9.5, as used in Google Ch ...

Security announcements

DSA / DLADescription
DLA-2829-1libvpx - security update
DLA-2136-1libvpx - security update
DSA-4578-1libvpx - security update
DLA-2012-1libvpx - security update
DSA-4132-1libvpx - security update
DLA-1290-1libvpx - security update

Search for package or bug name: Reporting problems