VDB
CISA-2023-44488
CISA-2023-44488
PUBLISHED
Reported by mitre · Published September 30, 2023
VP9 in libvpx before 1.13.1 mishandles widths, leading to a crash related to encoding.
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| n/a | n/a | n/a, n/a |
Timeline
- Sep 30, 2023 CVE Published
- Sep 23, 2024 CVE Updated
- Apr 26, 2026 Distribution Patch
- Apr 26, 2026 Security Advisory
- Apr 26, 2026 Security Advisory
References
- [oss-security] 20230930 Re: CVE-2023-5217: Heap buffer overflow in vp8 encoding in libvpx mailing-list
- [debian-lts-announce] 20231001 [SECURITY] [DLA 3598-1] libvpx security update mailing-list
- GLSA-202310-04 vendor-advisory
- DSA-5518 vendor-advisory
- FEDORA-2023-f696934fbf vendor-advisory