VDB
CVE-2023-44488
CVE-2023-44488
PUBLISHED
EPSS 1.45% · 81.1th percentile
Risk Scores
EPSS Score
1.45%
81.1th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Amazon | libvpx | |
| Amazon | thunderbird | |
| Amazon | firefox |
Exploit Intelligence
- https://github.com/webmproject/libvpx/commit/df9fd9d5b7325060b2b921558a1eb20ca7880937 (circl)
- https://github.com/webmproject/libvpx/commit/263682c9a29395055f3b3afe2d97be1828a6223f (circl)
- https://github.com/webmproject/libvpx/compare/v1.13.0...v1.13.1 (circl)
- https://github.com/webmproject/libvpx/releases/tag/v1.13.1 (circl)
- [oss-security] 20230930 Re: CVE-2023-5217: Heap buffer overflow in vp8 encoding in libvpx (circl)
- [debian-lts-announce] 20231001 [SECURITY] [DLA 3598-1] libvpx security update (circl)
- https://bugzilla.redhat.com/show_bug.cgi?id=2241806 (circl)
- GLSA-202310-04 (circl)
- DSA-5518 (circl)
- FEDORA-2023-f696934fbf (circl)
…and 7 more exploits
Timeline
- Sep 30, 2023 CVE Published
- Oct 1, 2023 EPSS Score
- Nov 2, 2023 EPSS Score
- Jan 4, 2024 EPSS Score
- Feb 5, 2024 EPSS Score
- Apr 9, 2024 EPSS Score
- May 11, 2024 EPSS Score
- Jun 11, 2024 EPSS Score
- Aug 14, 2024 EPSS Score
- Sep 15, 2024 EPSS Score
- Sep 23, 2024 CVE Updated
- Oct 17, 2024 EPSS Score
References
- ALAS2-2025-2960: libvpx (medium) advisory
- ALAS2-2023-2294: thunderbird (medium) advisory
- ALAS2FIREFOX-2023-016: firefox (medium) advisory