libvpx (SUSE:Linux Enterprise Module for Basesystem 15 SP1) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Module for Basesystem 15 SP1 package libvpx, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (6)
CVE-2019-2126 — CVSS 8.8 (high): In ParseContentEncodingEntry of mkvparser.cc, there is a possible double free due to a missing reset of a freed pointer. This could lead to…
CVE-2019-9232 — CVSS 7.5 (high): In libvpx, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no…
CVE-2020-0034 — CVSS 7.5 (high): In vp8_decode_frame of decodeframe.c, there is a possible out of bounds read due to improper input validation. This could lead to remote…
CVE-2019-9325 — CVSS 6.5 (medium): In libvpx, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no…
CVE-2019-9371 — CVSS 6.5 (medium): In libvpx, there is a possible resource exhaustion due to improper input validation. This could lead to remote denial of service with no…
CVE-2019-9433 — CVSS 6.5 (medium): In libvpx, there is a possible information disclosure due to improper input validation. This could lead to remote information disclosure…