Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports

Toggle filters

11 – 17 of 17 results

CVE-2018-19212

Low priority
Needs evaluation

In libwebm through 2018-10-03, there is an abort caused by libwebm::Webm2Pes::InitWebmParser() that will lead to a DoS attack.

5 affected packages

android, chromium-browser, libvpx, oxide-qt, sludge

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
android Not in release Not in release Not in release Not in release Needs evaluation
chromium-browser Not affected Not affected Not affected Not affected Not affected
libvpx Not affected Not affected Not affected Not affected Not affected
oxide-qt Not in release Not in release Not in release Not in release Needs evaluation
sludge Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2017-13194

Low priority

Some fixes available 2 of 4

A vulnerability in the Android media framework (libvpx) related to odd frame width. Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-64710201.

1 affected packages

libvpx

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libvpx Not affected Not affected Fixed
Show less packages

CVE-2016-1972

Medium priority
Not affected

Race condition in libvpx in Mozilla Firefox before 45.0 on Windows might allow remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via unknown vectors.

3 affected packages

firefox, libvpx, thunderbird

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
firefox
libvpx
thunderbird
Show less packages

CVE-2015-1258

Low priority

Some fixes available 8 of 9

Google Chrome before 43.0.2357.65 relies on libvpx code that was not built with an appropriate --size-limit value, which allows remote attackers to trigger a negative value for a size field, and consequently cause a denial of...

3 affected packages

chromium-browser, libvpx, oxide-qt

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
chromium-browser
libvpx
oxide-qt
Show less packages

CVE-2012-0823

Low priority
Not affected

VP8 Codec SDK (libvpx) before 1.0.0 "Duclair" allows remote attackers to cause a denial of service (application crash) via (1) unspecified "corrupt input" or (2) by "starting decoding from a P-frame," which triggers...

1 affected packages

libvpx

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libvpx
Show less packages

CVE-2010-4489

Medium priority

Some fixes available 2 of 4

libvpx, as used in Google Chrome before 8.0.552.215 and possibly other products, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WebM video. NOTE: this vulnerability exists because of a regression.

2 affected packages

chromium-browser, libvpx

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
chromium-browser
libvpx
Show less packages

CVE-2010-4203

Medium priority
Fixed

WebM libvpx (aka the VP8 Codec SDK) before 0.9.5, as used in Google Chrome before 7.0.517.44, allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via invalid frames.

2 affected packages

chromium-browser, libvpx

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
chromium-browser
libvpx
Show less packages
  1. Previous page
  2. 1
  3. 2
  4. Next page
Export to JSON