Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/1036424?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/1036424?format=api", "purl": "pkg:deb/debian/libvpx@1.1.0-1", "type": "deb", "namespace": "debian", "name": "libvpx", "version": "1.1.0-1", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "1.12.0-1+deb12u4", "latest_non_vulnerable_version": "1.12.0-1+deb12u4", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56974?format=api", "vulnerability_id": "VCID-4xgr-unyn-jkfj", "summary": "security update", "references": [ { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-November/141796.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-November/141796.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141085.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141085.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00024.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00024.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00000.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00000.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00001.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00001.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00002.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00002.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00003.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00003.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1635.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2014-1635.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1647.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2014-1647.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1578.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1578.json" }, { "reference_url": "https://advisories.mageia.org/MGASA-2014-0421.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://advisories.mageia.org/MGASA-2014-0421.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-1578", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01644", "scoring_system": "epss", "scoring_elements": "0.81999", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01644", "scoring_system": "epss", "scoring_elements": "0.81896", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01644", "scoring_system": "epss", "scoring_elements": "0.81969", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01644", "scoring_system": "epss", "scoring_elements": "0.81964", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01644", "scoring_system": "epss", "scoring_elements": "0.81908", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01644", "scoring_system": "epss", "scoring_elements": "0.8193", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01644", "scoring_system": "epss", "scoring_elements": "0.81927", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01644", "scoring_system": "epss", "scoring_elements": "0.81953", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01644", "scoring_system": "epss", "scoring_elements": "0.81961", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01644", "scoring_system": "epss", "scoring_elements": "0.8198", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-1578" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1063327", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1063327" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1574", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1574" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1576", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1576" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1577", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1577" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1578", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1578" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1581", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1581" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1583", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1583" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1585", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1585" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1586", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1586" }, { "reference_url": "http://secunia.com/advisories/61387", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/61387" }, { "reference_url": "http://secunia.com/advisories/61854", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/61854" }, { "reference_url": "http://secunia.com/advisories/62021", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/62021" }, { "reference_url": "http://secunia.com/advisories/62022", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/62022" }, { "reference_url": "http://secunia.com/advisories/62023", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/62023" }, { "reference_url": "http://www.debian.org/security/2014/dsa-3050", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2014/dsa-3050" }, { "reference_url": "http://www.debian.org/security/2014/dsa-3061", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2014/dsa-3061" }, { "reference_url": "http://www.mozilla.org/security/announce/2014/mfsa2014-77.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mozilla.org/security/announce/2014/mfsa2014-77.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" }, { "reference_url": "http://www.securityfocus.com/bid/70428", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/70428" }, { "reference_url": "http://www.securitytracker.com/id/1031028", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1031028" }, { "reference_url": "http://www.securitytracker.com/id/1031030", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1031030" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2372-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2372-1" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2373-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2373-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1152361", "reference_id": "1152361", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1152361" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765435", "reference_id": "765435", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765435" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:30.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:30.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:30.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:31.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:31.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:31.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:31.1.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:31.1.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:31.1.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:31.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:31.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:31.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:31.1.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:31.1.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:31.1.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-1578", "reference_id": "CVE-2014-1578", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-1578" }, { "reference_url": "https://security.gentoo.org/glsa/201504-01", "reference_id": "GLSA-201504-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201504-01" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-77", "reference_id": "mfsa2014-77", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2014-77" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1635", "reference_id": "RHSA-2014:1635", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1635" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1647", "reference_id": "RHSA-2014:1647", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1647" }, { "reference_url": "https://usn.ubuntu.com/2372-1/", "reference_id": "USN-2372-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2372-1/" }, { "reference_url": "https://usn.ubuntu.com/2373-1/", "reference_id": "USN-2373-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2373-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1036425?format=api", "purl": "pkg:deb/debian/libvpx@1.3.0-3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-59n6-fj5x-33gn" }, { "vulnerability": "VCID-5bx8-w9sb-1bbs" }, { "vulnerability": "VCID-5n7c-tqzz-nfha" }, { "vulnerability": "VCID-7s5h-zrax-hkcv" }, { "vulnerability": "VCID-8vka-qus2-tbhj" }, { "vulnerability": "VCID-98mt-7srw-qfh4" }, { "vulnerability": "VCID-djwx-su1m-57h4" }, { "vulnerability": "VCID-f81v-9fv8-93cd" }, { "vulnerability": "VCID-hhsp-7swr-qybd" }, { "vulnerability": "VCID-hkfy-wbqn-sba8" }, { "vulnerability": "VCID-kuxu-ty5p-8qbf" }, { "vulnerability": "VCID-mcab-z6qn-gkds" }, { "vulnerability": "VCID-nw6w-7x8f-x7fw" }, { "vulnerability": "VCID-qcyp-en6e-vya2" }, { "vulnerability": "VCID-qjuf-f8ec-byc7" }, { "vulnerability": "VCID-s76d-pjvk-63cr" }, { "vulnerability": "VCID-tbkw-k4a7-43fp" }, { "vulnerability": "VCID-txwy-bkhg-9qfv" }, { "vulnerability": "VCID-ut2r-gvwc-4ydu" }, { "vulnerability": "VCID-veqq-773w-1ba9" }, { "vulnerability": "VCID-wg9d-bt6y-6yfd" }, { "vulnerability": "VCID-yhw4-v629-jye8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.3.0-3" } ], "aliases": [ "CVE-2014-1578" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4xgr-unyn-jkfj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47983?format=api", "vulnerability_id": "VCID-59n6-fj5x-33gn", "summary": "Multiple vulnerabilities have been found in libvpx, the worst of\n which could result in the execution of arbitrary code.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00049.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00049.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9232.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9232.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9232", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.09266", "scoring_system": "epss", "scoring_elements": "0.92699", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.09266", "scoring_system": "epss", "scoring_elements": "0.92742", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.09266", "scoring_system": "epss", "scoring_elements": "0.92726", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.09266", "scoring_system": "epss", "scoring_elements": "0.92731", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.09266", "scoring_system": "epss", "scoring_elements": "0.9273", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.09266", "scoring_system": "epss", "scoring_elements": "0.92706", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.09266", "scoring_system": "epss", "scoring_elements": "0.92713", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.09266", "scoring_system": "epss", "scoring_elements": "0.92711", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.09266", "scoring_system": "epss", "scoring_elements": "0.92721", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9232" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9232", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9232" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9325", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9325" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9433", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9433" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/11/msg00030.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/11/msg00030.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DQSTK442ATWJOR4TU3MR6C3N5A6NDFFN/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DQSTK442ATWJOR4TU3MR6C3N5A6NDFFN/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U2IIA3RSYABBUCFIHXIRVUT5CTJVWWZ6/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U2IIA3RSYABBUCFIHXIRVUT5CTJVWWZ6/" }, { "reference_url": "https://seclists.org/bugtraq/2019/Nov/43", "reference_id": "", "reference_type": "", "scores": [], "url": "https://seclists.org/bugtraq/2019/Nov/43" }, { "reference_url": "https://source.android.com/security/bulletin/android-10", "reference_id": "", "reference_type": "", "scores": [], "url": "https://source.android.com/security/bulletin/android-10" }, { "reference_url": "https://www.debian.org/security/2019/dsa-4578", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2019/dsa-4578" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2019/10/25/17", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2019/10/25/17" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2019/10/27/1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2019/10/27/1" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2019/11/07/1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2019/11/07/1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1788966", "reference_id": "1788966", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1788966" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9232", "reference_id": "CVE-2019-9232", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:N/A:N" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9232" }, { "reference_url": "https://security.gentoo.org/glsa/202003-59", "reference_id": "GLSA-202003-59", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202003-59" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3876", "reference_id": "RHSA-2020:3876", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3876" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4629", "reference_id": "RHSA-2020:4629", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4629" }, { "reference_url": "https://usn.ubuntu.com/4199-1/", "reference_id": "USN-4199-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4199-1/" }, { "reference_url": "https://usn.ubuntu.com/4199-2/", "reference_id": "USN-4199-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4199-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037261?format=api", "purl": "pkg:deb/debian/libvpx@1.6.1-3%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-59n6-fj5x-33gn" }, { "vulnerability": "VCID-7s5h-zrax-hkcv" }, { "vulnerability": "VCID-8vka-qus2-tbhj" }, { "vulnerability": "VCID-98mt-7srw-qfh4" }, { "vulnerability": "VCID-djwx-su1m-57h4" }, { "vulnerability": "VCID-f81v-9fv8-93cd" }, { "vulnerability": "VCID-hhsp-7swr-qybd" }, { "vulnerability": "VCID-kuxu-ty5p-8qbf" }, { "vulnerability": "VCID-mcab-z6qn-gkds" }, { "vulnerability": "VCID-txwy-bkhg-9qfv" }, { "vulnerability": "VCID-ut2r-gvwc-4ydu" }, { "vulnerability": "VCID-veqq-773w-1ba9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.6.1-3%252Bdeb9u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1038071?format=api", "purl": "pkg:deb/debian/libvpx@1.7.0-3%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-59n6-fj5x-33gn" }, { "vulnerability": "VCID-8vka-qus2-tbhj" }, { "vulnerability": "VCID-98mt-7srw-qfh4" }, { "vulnerability": "VCID-djwx-su1m-57h4" }, { "vulnerability": "VCID-f81v-9fv8-93cd" }, { "vulnerability": "VCID-kuxu-ty5p-8qbf" }, { "vulnerability": "VCID-mcab-z6qn-gkds" }, { "vulnerability": "VCID-txwy-bkhg-9qfv" }, { "vulnerability": "VCID-ut2r-gvwc-4ydu" }, { "vulnerability": "VCID-veqq-773w-1ba9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.7.0-3%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049205?format=api", "purl": "pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8vka-qus2-tbhj" }, { "vulnerability": "VCID-98mt-7srw-qfh4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.9.0-1%252Bdeb11u3" } ], "aliases": [ "CVE-2019-9232" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-59n6-fj5x-33gn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/92879?format=api", "vulnerability_id": "VCID-5bx8-w9sb-1bbs", "summary": "libvpx in libwebm in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted mkv file, aka internal bug 23167726.", "references": [ { "reference_url": "https://android.googlesource.com/platform/external/libvpx/+/65c49d5b382de4085ee5668732bcb0f6ecaf7148", "reference_id": "", "reference_type": "", "scores": [], "url": "https://android.googlesource.com/platform/external/libvpx/+/65c49d5b382de4085ee5668732bcb0f6ecaf7148" }, { "reference_url": "https://android.googlesource.com/platform/external/libvpx/+/cc274e2abe8b2a6698a5c47d8aa4bb45f1f9538d", "reference_id": "", "reference_type": "", "scores": [], "url": "https://android.googlesource.com/platform/external/libvpx/+/cc274e2abe8b2a6698a5c47d8aa4bb45f1f9538d" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2464", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00254", "scoring_system": "epss", "scoring_elements": "0.48753", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00254", "scoring_system": "epss", "scoring_elements": "0.48723", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00254", "scoring_system": "epss", "scoring_elements": "0.48697", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00254", "scoring_system": "epss", "scoring_elements": "0.48635", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00254", "scoring_system": "epss", "scoring_elements": "0.48676", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00254", "scoring_system": "epss", "scoring_elements": "0.48701", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00254", "scoring_system": "epss", "scoring_elements": "0.48655", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00254", "scoring_system": "epss", "scoring_elements": "0.48709", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00254", "scoring_system": "epss", "scoring_elements": "0.48705", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2464" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2464", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2464" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://source.android.com/security/bulletin/2016-06-01.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://source.android.com/security/bulletin/2016-06-01.html" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:google:android:4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.0.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:google:android:4.0.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.0.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.0.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:google:android:4.0.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.0.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.0.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:google:android:4.0.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.0.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.0.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:google:android:4.0.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.0.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:google:android:4.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:google:android:4.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.1.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:google:android:4.1.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.1.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:google:android:4.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.2.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:google:android:4.2.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.2.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.2.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:google:android:4.2.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.2.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:google:android:4.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.3.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:google:android:4.3.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.3.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:google:android:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.0.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:google:android:5.0.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.0.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:google:android:5.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:google:android:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:6.0.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:google:android:6.0.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:6.0.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2464", "reference_id": "CVE-2016-2464", "reference_type": "", "scores": [ { "value": "9.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:C/I:C/A:C" }, { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2464" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037260?format=api", "purl": "pkg:deb/debian/libvpx@1.6.1-2~bpo8%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-59n6-fj5x-33gn" }, { "vulnerability": "VCID-7s5h-zrax-hkcv" }, { "vulnerability": "VCID-8vka-qus2-tbhj" }, { "vulnerability": "VCID-98mt-7srw-qfh4" }, { "vulnerability": "VCID-djwx-su1m-57h4" }, { "vulnerability": "VCID-f81v-9fv8-93cd" }, { "vulnerability": "VCID-hhsp-7swr-qybd" }, { "vulnerability": "VCID-kuxu-ty5p-8qbf" }, { "vulnerability": "VCID-mcab-z6qn-gkds" }, { "vulnerability": "VCID-txwy-bkhg-9qfv" }, { "vulnerability": "VCID-ut2r-gvwc-4ydu" }, { "vulnerability": "VCID-veqq-773w-1ba9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.6.1-2~bpo8%252B1" } ], "aliases": [ "CVE-2016-2464" ], "risk_score": 4.2, "exploitability": "0.5", "weighted_severity": "8.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5bx8-w9sb-1bbs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62142?format=api", "vulnerability_id": "VCID-5n7c-tqzz-nfha", "summary": "Multiple vulnerabilities have been found in the Chromium web\n browser, the worst of which allows remote attackers to execute arbitrary\n code.", "references": [ { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179128.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179128.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1621.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1621.json" }, { "reference_url": "https://android.googlesource.com/platform/external/libvpx/+/04839626ed859623901ebd3a5fd483982186b59d", "reference_id": "", "reference_type": "", "scores": [], "url": "https://android.googlesource.com/platform/external/libvpx/+/04839626ed859623901ebd3a5fd483982186b59d" }, { "reference_url": "https://android.googlesource.com/platform/external/libvpx/+/5a9753fca56f0eeb9f61e342b2fccffc364f9426", "reference_id": "", "reference_type": "", "scores": [], "url": "https://android.googlesource.com/platform/external/libvpx/+/5a9753fca56f0eeb9f61e342b2fccffc364f9426" }, { "reference_url": "https://android.googlesource.com/platform/frameworks/av/+/5a6788730acfc6fd8f4a6ef89d2c376572a26b55", "reference_id": "", "reference_type": "", "scores": [], "url": "https://android.googlesource.com/platform/frameworks/av/+/5a6788730acfc6fd8f4a6ef89d2c376572a26b55" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1621", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.08743", "scoring_system": "epss", "scoring_elements": "0.92516", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.08743", "scoring_system": "epss", "scoring_elements": "0.92506", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.08743", "scoring_system": "epss", "scoring_elements": "0.92465", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.08743", "scoring_system": "epss", "scoring_elements": "0.92471", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.08743", "scoring_system": "epss", "scoring_elements": "0.9248", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.08743", "scoring_system": "epss", "scoring_elements": "0.92483", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.08743", "scoring_system": "epss", "scoring_elements": "0.92495", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.08743", "scoring_system": "epss", "scoring_elements": "0.92499", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.08743", "scoring_system": "epss", "scoring_elements": "0.92505", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.08743", "scoring_system": "epss", "scoring_elements": "0.92507", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1621" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1621", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1621" }, { "reference_url": "http://source.android.com/security/bulletin/2016-03-01.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://source.android.com/security/bulletin/2016-03-01.html" }, { "reference_url": "http://www.securityfocus.com/bid/84239", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/84239" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1318185", "reference_id": "1318185", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1318185" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:google:android:4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.0.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:google:android:4.0.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.0.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.0.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:google:android:4.0.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.0.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.0.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:google:android:4.0.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.0.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.0.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:google:android:4.0.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.0.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:google:android:4.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.1.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:google:android:4.1.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.1.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:google:android:4.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.2.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:google:android:4.2.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.2.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.2.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:google:android:4.2.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.2.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:google:android:4.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.3.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:google:android:4.3.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.3.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:google:android:4.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.4.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:google:android:4.4.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.4.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.4.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:google:android:4.4.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.4.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.4.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:google:android:4.4.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.4.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:google:android:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.0.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:google:android:5.0.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.0.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.0.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:google:android:5.0.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.0.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:google:android:5.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.1.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:google:android:5.1.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.1.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:google:android:5.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:google:android:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:6.0.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:google:android:6.0.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:6.0.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1621", "reference_id": "CVE-2016-1621", "reference_type": "", "scores": [ { "value": "10.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:C/I:C/A:C" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1621" }, { "reference_url": "https://security.gentoo.org/glsa/201603-09", "reference_id": "GLSA-201603-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201603-09" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037260?format=api", "purl": "pkg:deb/debian/libvpx@1.6.1-2~bpo8%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-59n6-fj5x-33gn" }, { "vulnerability": "VCID-7s5h-zrax-hkcv" }, { "vulnerability": "VCID-8vka-qus2-tbhj" }, { "vulnerability": "VCID-98mt-7srw-qfh4" }, { "vulnerability": "VCID-djwx-su1m-57h4" }, { "vulnerability": "VCID-f81v-9fv8-93cd" }, { "vulnerability": "VCID-hhsp-7swr-qybd" }, { "vulnerability": "VCID-kuxu-ty5p-8qbf" }, { "vulnerability": "VCID-mcab-z6qn-gkds" }, { "vulnerability": "VCID-txwy-bkhg-9qfv" }, { "vulnerability": "VCID-ut2r-gvwc-4ydu" }, { "vulnerability": "VCID-veqq-773w-1ba9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.6.1-2~bpo8%252B1" } ], "aliases": [ "CVE-2016-1621" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5n7c-tqzz-nfha" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81534?format=api", "vulnerability_id": "VCID-7s5h-zrax-hkcv", "summary": "libvpx: Out of bounds read in vp8_decode_frame in decodeframe.c", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00048.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00048.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-0034.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-0034.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-0034", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0451", "scoring_system": "epss", "scoring_elements": "0.89088", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0451", "scoring_system": "epss", "scoring_elements": "0.89155", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0451", "scoring_system": "epss", "scoring_elements": "0.89148", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0451", "scoring_system": "epss", "scoring_elements": "0.89144", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0451", "scoring_system": "epss", "scoring_elements": "0.89142", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0451", "scoring_system": "epss", "scoring_elements": "0.89097", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0451", "scoring_system": "epss", "scoring_elements": "0.89112", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0451", "scoring_system": "epss", "scoring_elements": "0.89114", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0451", "scoring_system": "epss", "scoring_elements": "0.89132", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0451", "scoring_system": "epss", "scoring_elements": "0.89137", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-0034" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-0034", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-0034" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00024.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00024.html" }, { "reference_url": "https://source.android.com/security/bulletin/2020-03-01", "reference_id": "", "reference_type": "", "scores": [], "url": "https://source.android.com/security/bulletin/2020-03-01" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1813000", "reference_id": "1813000", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1813000" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:google:android:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:8.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:google:android:8.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:8.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-0034", "reference_id": "CVE-2020-0034", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:C/I:N/A:N" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-0034" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3876", "reference_id": "RHSA-2020:3876", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3876" }, { "reference_url": "https://usn.ubuntu.com/5637-1/", "reference_id": "USN-5637-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5637-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1038071?format=api", "purl": "pkg:deb/debian/libvpx@1.7.0-3%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-59n6-fj5x-33gn" }, { "vulnerability": "VCID-8vka-qus2-tbhj" }, { "vulnerability": "VCID-98mt-7srw-qfh4" }, { "vulnerability": "VCID-djwx-su1m-57h4" }, { "vulnerability": "VCID-f81v-9fv8-93cd" }, { "vulnerability": "VCID-kuxu-ty5p-8qbf" }, { "vulnerability": "VCID-mcab-z6qn-gkds" }, { "vulnerability": "VCID-txwy-bkhg-9qfv" }, { "vulnerability": "VCID-ut2r-gvwc-4ydu" }, { "vulnerability": "VCID-veqq-773w-1ba9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.7.0-3%252Bdeb10u1" } ], "aliases": [ "CVE-2020-0034" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7s5h-zrax-hkcv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62756?format=api", "vulnerability_id": "VCID-8vka-qus2-tbhj", "summary": "Heap buffer overflow in libvpx. This vulnerability affects Firefox < 147.0.4, Firefox ESR < 140.7.1, Firefox ESR < 115.32.1, Thunderbird < 140.7.2, and Thunderbird < 147.0.2.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2447.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2447.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2447", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.03902", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.03896", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.03884", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.03897", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.03927", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.03874", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.03829", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.0385", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.03877", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2447" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2447", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2447" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1128283", "reference_id": "1128283", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1128283" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2440219", "reference_id": "2440219", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2440219" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-10", "reference_id": "mfsa2026-10", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-10" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-10/", "reference_id": "mfsa2026-10", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-17T14:52:59Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-10/" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-11", "reference_id": "mfsa2026-11", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2026-11" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2026-11/", "reference_id": "mfsa2026-11", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-17T14:52:59Z/" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2026-11/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3338", "reference_id": "RHSA-2026:3338", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3338" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3339", "reference_id": "RHSA-2026:3339", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3339" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3361", "reference_id": "RHSA-2026:3361", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3361" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3491", "reference_id": "RHSA-2026:3491", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3491" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3492", "reference_id": "RHSA-2026:3492", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3492" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3493", "reference_id": "RHSA-2026:3493", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3493" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3494", "reference_id": "RHSA-2026:3494", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3494" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3495", "reference_id": "RHSA-2026:3495", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3495" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3496", "reference_id": "RHSA-2026:3496", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3496" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3497", "reference_id": "RHSA-2026:3497", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3497" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3515", "reference_id": "RHSA-2026:3515", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3515" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3516", "reference_id": "RHSA-2026:3516", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3516" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3517", "reference_id": "RHSA-2026:3517", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3517" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3967", "reference_id": "RHSA-2026:3967", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3967" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3976", "reference_id": "RHSA-2026:3976", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3976" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3978", "reference_id": "RHSA-2026:3978", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3978" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3979", "reference_id": "RHSA-2026:3979", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3979" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3980", "reference_id": "RHSA-2026:3980", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3980" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3981", "reference_id": "RHSA-2026:3981", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3981" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3982", "reference_id": "RHSA-2026:3982", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3982" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3983", "reference_id": "RHSA-2026:3983", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3983" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3984", "reference_id": "RHSA-2026:3984", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3984" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4022", "reference_id": "RHSA-2026:4022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4152", "reference_id": "RHSA-2026:4152", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4152" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4260", "reference_id": "RHSA-2026:4260", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4260" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4432", "reference_id": "RHSA-2026:4432", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4432" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4447", "reference_id": "RHSA-2026:4447", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4447" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4629", "reference_id": "RHSA-2026:4629", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4629" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5227", "reference_id": "RHSA-2026:5227", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5227" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5228", "reference_id": "RHSA-2026:5228", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5228" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5229", "reference_id": "RHSA-2026:5229", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5229" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5230", "reference_id": "RHSA-2026:5230", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5230" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5231", "reference_id": "RHSA-2026:5231", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5231" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5319", "reference_id": "RHSA-2026:5319", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5319" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5320", "reference_id": "RHSA-2026:5320", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5320" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5323", "reference_id": "RHSA-2026:5323", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5323" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5324", "reference_id": "RHSA-2026:5324", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5324" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5326", "reference_id": "RHSA-2026:5326", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5326" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2014390", "reference_id": "show_bug.cgi?id=2014390", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-17T14:52:59Z/" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2014390" }, { "reference_url": "https://usn.ubuntu.com/8053-1/", "reference_id": "USN-8053-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8053-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050326?format=api", "purl": "pkg:deb/debian/libvpx@1.12.0-1%2Bdeb12u4", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.12.0-1%252Bdeb12u4" } ], "aliases": [ "CVE-2026-2447" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8vka-qus2-tbhj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56158?format=api", "vulnerability_id": "VCID-98mt-7srw-qfh4", "summary": "A vulnerability has been discovered in libvpx, which could lead to execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5283.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5283.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-5283", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50758", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50733", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50756", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50714", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50681", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50663", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50718", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50707", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-5283" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5283", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5283" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1106689", "reference_id": "1106689", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1106689" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2368749", "reference_id": "2368749", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2368749" }, { "reference_url": "https://issues.chromium.org/issues/419467315", "reference_id": "419467315", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-28T13:25:59Z/" } ], "url": "https://issues.chromium.org/issues/419467315" }, { "reference_url": "https://security.gentoo.org/glsa/202509-07", "reference_id": "GLSA-202509-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202509-07" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-42", "reference_id": "mfsa2025-42", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-42" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-43", "reference_id": "mfsa2025-43", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-43" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-44", "reference_id": "mfsa2025-44", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-44" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-45", "reference_id": "mfsa2025-45", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-45" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-46", "reference_id": "mfsa2025-46", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-46" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8293", "reference_id": "RHSA-2025:8293", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8293" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8308", "reference_id": "RHSA-2025:8308", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8308" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8341", "reference_id": "RHSA-2025:8341", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8341" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8598", "reference_id": "RHSA-2025:8598", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8598" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8599", "reference_id": "RHSA-2025:8599", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8599" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8607", "reference_id": "RHSA-2025:8607", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8607" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8608", "reference_id": "RHSA-2025:8608", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8608" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8628", "reference_id": "RHSA-2025:8628", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8628" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8629", "reference_id": "RHSA-2025:8629", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8629" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8630", "reference_id": "RHSA-2025:8630", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8630" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8631", "reference_id": "RHSA-2025:8631", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8631" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8642", "reference_id": "RHSA-2025:8642", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8642" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8756", "reference_id": "RHSA-2025:8756", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8756" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9071", "reference_id": "RHSA-2025:9071", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9071" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9072", "reference_id": "RHSA-2025:9072", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9072" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9073", "reference_id": "RHSA-2025:9073", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9073" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9074", "reference_id": "RHSA-2025:9074", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9074" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9075", "reference_id": "RHSA-2025:9075", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9075" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9076", "reference_id": "RHSA-2025:9076", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9076" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9077", "reference_id": "RHSA-2025:9077", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9077" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9118", "reference_id": "RHSA-2025:9118", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9118" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9119", "reference_id": "RHSA-2025:9119", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9119" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9120", "reference_id": "RHSA-2025:9120", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9120" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9122", "reference_id": "RHSA-2025:9122", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9122" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9123", "reference_id": "RHSA-2025:9123", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9123" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9124", "reference_id": "RHSA-2025:9124", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9124" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9125", "reference_id": "RHSA-2025:9125", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9125" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9126", "reference_id": "RHSA-2025:9126", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9126" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9127", "reference_id": "RHSA-2025:9127", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9127" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9128", "reference_id": "RHSA-2025:9128", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9128" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9155", "reference_id": "RHSA-2025:9155", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9155" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9331", "reference_id": "RHSA-2025:9331", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9331" }, { "reference_url": "https://chromereleases.googleblog.com/2025/05/stable-channel-update-for-desktop_27.html", "reference_id": "stable-channel-update-for-desktop_27.html", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-28T13:25:59Z/" } ], "url": "https://chromereleases.googleblog.com/2025/05/stable-channel-update-for-desktop_27.html" }, { "reference_url": "https://usn.ubuntu.com/7551-1/", "reference_id": "USN-7551-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7551-1/" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050326?format=api", "purl": "pkg:deb/debian/libvpx@1.12.0-1%2Bdeb12u4", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.12.0-1%252Bdeb12u4" } ], "aliases": [ "CVE-2025-5283" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-98mt-7srw-qfh4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47986?format=api", "vulnerability_id": "VCID-djwx-su1m-57h4", "summary": "Multiple vulnerabilities have been found in libvpx, the worst of\n which could result in the execution of arbitrary code.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00049.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00049.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9433.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9433.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9433", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.08604", "scoring_system": "epss", "scoring_elements": "0.92385", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.08604", "scoring_system": "epss", "scoring_elements": "0.92436", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.08604", "scoring_system": "epss", "scoring_elements": "0.92419", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.08604", "scoring_system": "epss", "scoring_elements": "0.92425", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.08604", "scoring_system": "epss", "scoring_elements": "0.92427", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.08604", "scoring_system": "epss", "scoring_elements": "0.92392", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.08604", "scoring_system": "epss", "scoring_elements": "0.92399", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.08604", "scoring_system": "epss", "scoring_elements": "0.92403", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.08604", "scoring_system": "epss", "scoring_elements": "0.92415", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9433" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9232", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9232" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9325", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9325" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9433", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9433" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/11/msg00030.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/11/msg00030.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DQSTK442ATWJOR4TU3MR6C3N5A6NDFFN/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DQSTK442ATWJOR4TU3MR6C3N5A6NDFFN/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U2IIA3RSYABBUCFIHXIRVUT5CTJVWWZ6/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U2IIA3RSYABBUCFIHXIRVUT5CTJVWWZ6/" }, { "reference_url": "https://seclists.org/bugtraq/2019/Nov/43", "reference_id": "", "reference_type": "", "scores": [], "url": "https://seclists.org/bugtraq/2019/Nov/43" }, { "reference_url": "https://source.android.com/security/bulletin/android-10", "reference_id": "", "reference_type": "", "scores": [], "url": "https://source.android.com/security/bulletin/android-10" }, { "reference_url": "https://www.debian.org/security/2019/dsa-4578", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2019/dsa-4578" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2019/10/25/17", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2019/10/25/17" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2019/10/27/1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2019/10/27/1" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2019/11/07/1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2019/11/07/1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1788994", "reference_id": "1788994", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1788994" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9433", "reference_id": "CVE-2019-9433", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:N" }, { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9433" }, { "reference_url": "https://security.gentoo.org/glsa/202003-59", "reference_id": "GLSA-202003-59", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202003-59" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3876", "reference_id": "RHSA-2020:3876", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3876" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4629", "reference_id": "RHSA-2020:4629", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4629" }, { "reference_url": "https://usn.ubuntu.com/4199-1/", "reference_id": "USN-4199-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4199-1/" }, { "reference_url": "https://usn.ubuntu.com/4199-2/", "reference_id": "USN-4199-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4199-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037261?format=api", "purl": "pkg:deb/debian/libvpx@1.6.1-3%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-59n6-fj5x-33gn" }, { "vulnerability": "VCID-7s5h-zrax-hkcv" }, { "vulnerability": "VCID-8vka-qus2-tbhj" }, { "vulnerability": "VCID-98mt-7srw-qfh4" }, { "vulnerability": "VCID-djwx-su1m-57h4" }, { "vulnerability": "VCID-f81v-9fv8-93cd" }, { "vulnerability": "VCID-hhsp-7swr-qybd" }, { "vulnerability": "VCID-kuxu-ty5p-8qbf" }, { "vulnerability": "VCID-mcab-z6qn-gkds" }, { "vulnerability": "VCID-txwy-bkhg-9qfv" }, { "vulnerability": "VCID-ut2r-gvwc-4ydu" }, { "vulnerability": "VCID-veqq-773w-1ba9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.6.1-3%252Bdeb9u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1038071?format=api", "purl": "pkg:deb/debian/libvpx@1.7.0-3%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-59n6-fj5x-33gn" }, { "vulnerability": "VCID-8vka-qus2-tbhj" }, { "vulnerability": "VCID-98mt-7srw-qfh4" }, { "vulnerability": "VCID-djwx-su1m-57h4" }, { "vulnerability": "VCID-f81v-9fv8-93cd" }, { "vulnerability": "VCID-kuxu-ty5p-8qbf" }, { "vulnerability": "VCID-mcab-z6qn-gkds" }, { "vulnerability": "VCID-txwy-bkhg-9qfv" }, { "vulnerability": "VCID-ut2r-gvwc-4ydu" }, { "vulnerability": "VCID-veqq-773w-1ba9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.7.0-3%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049205?format=api", "purl": "pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8vka-qus2-tbhj" }, { "vulnerability": "VCID-98mt-7srw-qfh4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.9.0-1%252Bdeb11u3" } ], "aliases": [ "CVE-2019-9433" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-djwx-su1m-57h4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/19209?format=api", "vulnerability_id": "VCID-f81v-9fv8-93cd", "summary": "Out-of-bounds Write\nHeap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5217.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5217.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-5217", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03573", "scoring_system": "epss", "scoring_elements": "0.87728", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03573", "scoring_system": "epss", "scoring_elements": "0.87722", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03573", "scoring_system": "epss", "scoring_elements": "0.8774", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03573", "scoring_system": "epss", "scoring_elements": "0.87733", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.03573", "scoring_system": "epss", "scoring_elements": "0.87731", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03573", "scoring_system": "epss", "scoring_elements": "0.87745", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.049", "scoring_system": "epss", "scoring_elements": "0.89576", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.049", "scoring_system": "epss", "scoring_elements": "0.89562", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-5217" }, { "reference_url": "https://arstechnica.com/security/2023/09/new-0-day-in-chrome-and-firefox-is-likely-to-plague-other-software", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://arstechnica.com/security/2023/09/new-0-day-in-chrome-and-firefox-is-likely-to-plague-other-software" }, { "reference_url": "https://arstechnica.com/security/2023/09/new-0-day-in-chrome-and-firefox-is-likely-to-plague-other-software/", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "https://arstechnica.com/security/2023/09/new-0-day-in-chrome-and-firefox-is-likely-to-plague-other-software/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241191", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241191" }, { "reference_url": "https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_27.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_27.html" }, { "reference_url": "https://crbug.com/1486441", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "https://crbug.com/1486441" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5169", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5169" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5171", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5171" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5176", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5176" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5186", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5186" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5187", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5187" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5217", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5217" }, { "reference_url": "http://seclists.org/fulldisclosure/2023/Oct/12", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "http://seclists.org/fulldisclosure/2023/Oct/12" }, { "reference_url": "http://seclists.org/fulldisclosure/2023/Oct/16", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "http://seclists.org/fulldisclosure/2023/Oct/16" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/electron/electron", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/electron/electron" }, { "reference_url": "https://github.com/electron/electron/pull/40022", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/electron/electron/pull/40022" }, { "reference_url": "https://github.com/electron/electron/pull/40023", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/electron/electron/pull/40023" }, { "reference_url": "https://github.com/electron/electron/pull/40024", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/electron/electron/pull/40024" }, { "reference_url": "https://github.com/electron/electron/pull/40025", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/electron/electron/pull/40025" }, { "reference_url": "https://github.com/electron/electron/pull/40026", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/electron/electron/pull/40026" }, { "reference_url": "https://github.com/electron/electron/releases/tag/v22.3.25", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/electron/electron/releases/tag/v22.3.25" }, { "reference_url": "https://github.com/electron/electron/releases/tag/v24.8.5", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/electron/electron/releases/tag/v24.8.5" }, { "reference_url": "https://github.com/electron/electron/releases/tag/v25.8.4", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/electron/electron/releases/tag/v25.8.4" }, { "reference_url": "https://github.com/electron/electron/releases/tag/v26.2.4", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/electron/electron/releases/tag/v26.2.4" }, { "reference_url": "https://github.com/electron/electron/releases/tag/v27.0.0-beta.8", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/electron/electron/releases/tag/v27.0.0-beta.8" }, { "reference_url": "https://github.com/webmproject/libvpx/commit/3fbd1dca6a4d2dad332a2110d646e4ffef36d590", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "https://github.com/webmproject/libvpx/commit/3fbd1dca6a4d2dad332a2110d646e4ffef36d590" }, { "reference_url": "https://github.com/webmproject/libvpx/commit/af6dedd715f4307669366944cca6e0417b290282", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "https://github.com/webmproject/libvpx/commit/af6dedd715f4307669366944cca6e0417b290282" }, { "reference_url": "https://github.com/webmproject/libvpx/releases/tag/v1.13.1", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "https://github.com/webmproject/libvpx/releases/tag/v1.13.1" }, { "reference_url": "https://github.com/webmproject/libvpx/tags", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "https://github.com/webmproject/libvpx/tags" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00038.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00038.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00001.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00001.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00015.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00015.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MFWDFJSSIFKWKNOCTQCFUNZWAXUCSS4", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MFWDFJSSIFKWKNOCTQCFUNZWAXUCSS4" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MFWDFJSSIFKWKNOCTQCFUNZWAXUCSS4/", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MFWDFJSSIFKWKNOCTQCFUNZWAXUCSS4/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/55YVCZNAVY3Y5E4DWPWMX2SPKZ2E5SOV", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/55YVCZNAVY3Y5E4DWPWMX2SPKZ2E5SOV" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/55YVCZNAVY3Y5E4DWPWMX2SPKZ2E5SOV/", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/55YVCZNAVY3Y5E4DWPWMX2SPKZ2E5SOV/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AY642Z6JZODQJE7Z62CFREVUHEGCXGPD", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AY642Z6JZODQJE7Z62CFREVUHEGCXGPD" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BCVSHVX2RFBU3RMCUFSATVQEJUFD4Q63", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BCVSHVX2RFBU3RMCUFSATVQEJUFD4Q63" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BCVSHVX2RFBU3RMCUFSATVQEJUFD4Q63/", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BCVSHVX2RFBU3RMCUFSATVQEJUFD4Q63/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWEJYS5NC7KVFYU3OAMPKQDYN6JQGVK6", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWEJYS5NC7KVFYU3OAMPKQDYN6JQGVK6" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWEJYS5NC7KVFYU3OAMPKQDYN6JQGVK6/", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWEJYS5NC7KVFYU3OAMPKQDYN6JQGVK6/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TE7F54W5O5RS4ZMAAC7YK3CZWQXIDSKB", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TE7F54W5O5RS4ZMAAC7YK3CZWQXIDSKB" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTRUIS3564P7ZLM2S2IH4Y4KZ327LI4I", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTRUIS3564P7ZLM2S2IH4Y4KZ327LI4I" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTRUIS3564P7ZLM2S2IH4Y4KZ327LI4I/", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTRUIS3564P7ZLM2S2IH4Y4KZ327LI4I/" }, { "reference_url": "https://pastebin.com/TdkC4pDv", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "https://pastebin.com/TdkC4pDv" }, { "reference_url": "https://security.gentoo.org/glsa/202310-04", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "https://security.gentoo.org/glsa/202310-04" }, { "reference_url": "https://security.gentoo.org/glsa/202401-34", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "https://security.gentoo.org/glsa/202401-34" }, { "reference_url": "https://stackdiary.com/google-discloses-a-webm-vp8-bug-tracked-as-cve-2023-5217", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://stackdiary.com/google-discloses-a-webm-vp8-bug-tracked-as-cve-2023-5217" }, { "reference_url": "https://stackdiary.com/google-discloses-a-webm-vp8-bug-tracked-as-cve-2023-5217/", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "https://stackdiary.com/google-discloses-a-webm-vp8-bug-tracked-as-cve-2023-5217/" }, { "reference_url": "https://support.apple.com/kb/HT213961", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "https://support.apple.com/kb/HT213961" }, { "reference_url": "https://support.apple.com/kb/HT213972", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "https://support.apple.com/kb/HT213972" }, { "reference_url": "https://twitter.com/maddiestone/status/1707163313711497266", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "https://twitter.com/maddiestone/status/1707163313711497266" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5508", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5508" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5509", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5509" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5510", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5510" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-44", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-44" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-44/", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-44/" }, { "reference_url": "https://www.openwall.com/lists/oss-security/2023/09/28/5", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "https://www.openwall.com/lists/oss-security/2023/09/28/5" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2023/09/28/5", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2023/09/28/5" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2023/09/28/6", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2023/09/28/6" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2023/09/29/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2023/09/29/1" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2023/09/29/11", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2023/09/29/11" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2023/09/29/12", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2023/09/29/12" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2023/09/29/14", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2023/09/29/14" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2023/09/29/2", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2023/09/29/2" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2023/09/29/7", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2023/09/29/7" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2023/09/29/9", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2023/09/29/9" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2023/09/30/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2023/09/30/1" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2023/09/30/2", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2023/09/30/2" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2023/09/30/3", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2023/09/30/3" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2023/09/30/4", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2023/09/30/4" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2023/09/30/5", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2023/09/30/5" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2023/10/01/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2023/10/01/1" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2023/10/01/2", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2023/10/01/2" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2023/10/01/5", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2023/10/01/5" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2023/10/02/6", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2023/10/02/6" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2023/10/03/11", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2023/10/03/11" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053182", "reference_id": "1053182", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053182" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AY642Z6JZODQJE7Z62CFREVUHEGCXGPD/", "reference_id": "AY642Z6JZODQJE7Z62CFREVUHEGCXGPD", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AY642Z6JZODQJE7Z62CFREVUHEGCXGPD/" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5217", "reference_id": "CVE-2023-5217", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5217" }, { "reference_url": "https://security-tracker.debian.org/tracker/CVE-2023-5217", "reference_id": "CVE-2023-5217", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "https://security-tracker.debian.org/tracker/CVE-2023-5217" }, { "reference_url": "https://github.com/advisories/GHSA-qqvq-6xgj-jw8g", "reference_id": "GHSA-qqvq-6xgj-jw8g", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-qqvq-6xgj-jw8g" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5426", "reference_id": "RHSA-2023:5426", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5426" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5427", "reference_id": "RHSA-2023:5427", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5427" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5428", "reference_id": "RHSA-2023:5428", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5428" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5429", "reference_id": "RHSA-2023:5429", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5429" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5430", "reference_id": "RHSA-2023:5430", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5430" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5432", "reference_id": "RHSA-2023:5432", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5432" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5433", "reference_id": "RHSA-2023:5433", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5433" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5434", "reference_id": "RHSA-2023:5434", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5434" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5435", "reference_id": "RHSA-2023:5435", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5435" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5436", "reference_id": "RHSA-2023:5436", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5436" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5437", "reference_id": "RHSA-2023:5437", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5437" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5438", "reference_id": "RHSA-2023:5438", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5438" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5439", "reference_id": "RHSA-2023:5439", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5439" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5440", "reference_id": "RHSA-2023:5440", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5440" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5475", "reference_id": "RHSA-2023:5475", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5475" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5477", "reference_id": "RHSA-2023:5477", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5477" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5534", "reference_id": "RHSA-2023:5534", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5534" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5535", "reference_id": "RHSA-2023:5535", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5535" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5536", "reference_id": "RHSA-2023:5536", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5536" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5537", "reference_id": "RHSA-2023:5537", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5537" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5538", "reference_id": "RHSA-2023:5538", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5538" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5539", "reference_id": "RHSA-2023:5539", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5539" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5540", "reference_id": "RHSA-2023:5540", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5540" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TE7F54W5O5RS4ZMAAC7YK3CZWQXIDSKB/", "reference_id": "TE7F54W5O5RS4ZMAAC7YK3CZWQXIDSKB", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TE7F54W5O5RS4ZMAAC7YK3CZWQXIDSKB/" }, { "reference_url": "https://usn.ubuntu.com/6403-1/", "reference_id": "USN-6403-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6403-1/" }, { "reference_url": "https://usn.ubuntu.com/6403-2/", "reference_id": "USN-6403-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6403-2/" }, { "reference_url": "https://usn.ubuntu.com/6403-3/", "reference_id": "USN-6403-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6403-3/" }, { "reference_url": "https://usn.ubuntu.com/6404-1/", "reference_id": "USN-6404-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6404-1/" }, { "reference_url": "https://usn.ubuntu.com/6405-1/", "reference_id": "USN-6405-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6405-1/" }, { "reference_url": "https://usn.ubuntu.com/7172-1/", "reference_id": "USN-7172-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7172-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049205?format=api", "purl": "pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8vka-qus2-tbhj" }, { "vulnerability": "VCID-98mt-7srw-qfh4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.9.0-1%252Bdeb11u3" } ], "aliases": [ "CVE-2023-5217", "GHSA-qqvq-6xgj-jw8g" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-f81v-9fv8-93cd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/68142?format=api", "vulnerability_id": "VCID-hhsp-7swr-qybd", "summary": "security update", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13194.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13194.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-13194", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01253", "scoring_system": "epss", "scoring_elements": "0.79307", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01253", "scoring_system": "epss", "scoring_elements": "0.79314", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01253", "scoring_system": "epss", "scoring_elements": "0.79337", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01253", "scoring_system": "epss", "scoring_elements": "0.79323", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01253", "scoring_system": "epss", "scoring_elements": "0.79349", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01253", "scoring_system": "epss", "scoring_elements": "0.79358", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01253", "scoring_system": "epss", "scoring_elements": "0.79381", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01253", "scoring_system": "epss", "scoring_elements": "0.79366", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01253", "scoring_system": "epss", "scoring_elements": "0.79356", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01253", "scoring_system": "epss", "scoring_elements": "0.79382", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-13194" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13194", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13194" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535183", "reference_id": "1535183", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535183" }, { "reference_url": "https://usn.ubuntu.com/4199-1/", "reference_id": "USN-4199-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4199-1/" }, { "reference_url": "https://usn.ubuntu.com/4199-2/", "reference_id": "USN-4199-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4199-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1036426?format=api", "purl": "pkg:deb/debian/libvpx@1.3.0-3%2Bdeb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-59n6-fj5x-33gn" }, { "vulnerability": "VCID-5bx8-w9sb-1bbs" }, { "vulnerability": "VCID-5n7c-tqzz-nfha" }, { "vulnerability": "VCID-7s5h-zrax-hkcv" }, { "vulnerability": "VCID-8vka-qus2-tbhj" }, { "vulnerability": "VCID-98mt-7srw-qfh4" }, { "vulnerability": "VCID-djwx-su1m-57h4" }, { "vulnerability": "VCID-f81v-9fv8-93cd" }, { "vulnerability": "VCID-hhsp-7swr-qybd" }, { "vulnerability": "VCID-hkfy-wbqn-sba8" }, { "vulnerability": "VCID-kuxu-ty5p-8qbf" }, { "vulnerability": "VCID-mcab-z6qn-gkds" }, { "vulnerability": "VCID-nw6w-7x8f-x7fw" }, { "vulnerability": "VCID-qcyp-en6e-vya2" }, { "vulnerability": "VCID-qjuf-f8ec-byc7" }, { "vulnerability": "VCID-s76d-pjvk-63cr" }, { "vulnerability": "VCID-tbkw-k4a7-43fp" }, { "vulnerability": "VCID-txwy-bkhg-9qfv" }, { "vulnerability": "VCID-ut2r-gvwc-4ydu" }, { "vulnerability": "VCID-veqq-773w-1ba9" }, { "vulnerability": "VCID-wg9d-bt6y-6yfd" }, { "vulnerability": "VCID-yhw4-v629-jye8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.3.0-3%252Bdeb8u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037261?format=api", "purl": "pkg:deb/debian/libvpx@1.6.1-3%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-59n6-fj5x-33gn" }, { "vulnerability": "VCID-7s5h-zrax-hkcv" }, { "vulnerability": "VCID-8vka-qus2-tbhj" }, { "vulnerability": "VCID-98mt-7srw-qfh4" }, { "vulnerability": "VCID-djwx-su1m-57h4" }, { "vulnerability": "VCID-f81v-9fv8-93cd" }, { "vulnerability": "VCID-hhsp-7swr-qybd" }, { "vulnerability": "VCID-kuxu-ty5p-8qbf" }, { "vulnerability": "VCID-mcab-z6qn-gkds" }, { "vulnerability": "VCID-txwy-bkhg-9qfv" }, { "vulnerability": "VCID-ut2r-gvwc-4ydu" }, { "vulnerability": "VCID-veqq-773w-1ba9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.6.1-3%252Bdeb9u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1038071?format=api", "purl": "pkg:deb/debian/libvpx@1.7.0-3%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-59n6-fj5x-33gn" }, { "vulnerability": "VCID-8vka-qus2-tbhj" }, { "vulnerability": "VCID-98mt-7srw-qfh4" }, { "vulnerability": "VCID-djwx-su1m-57h4" }, { "vulnerability": "VCID-f81v-9fv8-93cd" }, { "vulnerability": "VCID-kuxu-ty5p-8qbf" }, { "vulnerability": "VCID-mcab-z6qn-gkds" }, { "vulnerability": "VCID-txwy-bkhg-9qfv" }, { "vulnerability": "VCID-ut2r-gvwc-4ydu" }, { "vulnerability": "VCID-veqq-773w-1ba9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.7.0-3%252Bdeb10u1" } ], "aliases": [ "CVE-2017-13194" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hhsp-7swr-qybd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/92942?format=api", "vulnerability_id": "VCID-hkfy-wbqn-sba8", "summary": "A remote denial of service vulnerability in libvpx in Mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-11-01 could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High due to the possibility of remote denial of service. Android ID: A-30593752.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6712", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00192", "scoring_system": "epss", "scoring_elements": "0.41071", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00192", "scoring_system": "epss", "scoring_elements": "0.41163", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00192", "scoring_system": "epss", "scoring_elements": "0.41194", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00192", "scoring_system": "epss", "scoring_elements": "0.41121", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00192", "scoring_system": "epss", "scoring_elements": "0.41169", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00192", "scoring_system": "epss", "scoring_elements": "0.41177", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00192", "scoring_system": "epss", "scoring_elements": "0.41197", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00192", "scoring_system": "epss", "scoring_elements": "0.41164", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00192", "scoring_system": "epss", "scoring_elements": "0.4115", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00192", "scoring_system": "epss", "scoring_elements": "0.41193", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6712" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6712", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6712" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037260?format=api", "purl": "pkg:deb/debian/libvpx@1.6.1-2~bpo8%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-59n6-fj5x-33gn" }, { "vulnerability": "VCID-7s5h-zrax-hkcv" }, { "vulnerability": "VCID-8vka-qus2-tbhj" }, { "vulnerability": "VCID-98mt-7srw-qfh4" }, { "vulnerability": "VCID-djwx-su1m-57h4" }, { "vulnerability": "VCID-f81v-9fv8-93cd" }, { "vulnerability": "VCID-hhsp-7swr-qybd" }, { "vulnerability": "VCID-kuxu-ty5p-8qbf" }, { "vulnerability": "VCID-mcab-z6qn-gkds" }, { "vulnerability": "VCID-txwy-bkhg-9qfv" }, { "vulnerability": "VCID-ut2r-gvwc-4ydu" }, { "vulnerability": "VCID-veqq-773w-1ba9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.6.1-2~bpo8%252B1" } ], "aliases": [ "CVE-2016-6712" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hkfy-wbqn-sba8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/75512?format=api", "vulnerability_id": "VCID-kuxu-ty5p-8qbf", "summary": "libvpx: Heap buffer overflow related to VP9 encoding", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6349.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6349.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-6349", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23348", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23242", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23321", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23283", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23226", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23388", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23176", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.2325", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.233", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-6349" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6349", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6349" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://crbug.com/webm/1642", "reference_id": "1642", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:P/VC:L/VI:H/VA:N/SC:L/SI:H/SA:N/S:N/AU:N/R:A/V:D" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-28T15:01:21Z/" } ], "url": "https://crbug.com/webm/1642" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2283553", "reference_id": "2283553", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2283553" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5941", "reference_id": "RHSA-2024:5941", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5941" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4128", "reference_id": "RHSA-2026:4128", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4128" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049205?format=api", "purl": "pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8vka-qus2-tbhj" }, { "vulnerability": "VCID-98mt-7srw-qfh4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.9.0-1%252Bdeb11u3" } ], "aliases": [ "CVE-2023-6349" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kuxu-ty5p-8qbf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59348?format=api", "vulnerability_id": "VCID-mcab-z6qn-gkds", "summary": "Multiple vulnerabilities have been discovered in libvpx, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-44488.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-44488.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-44488", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01446", "scoring_system": "epss", "scoring_elements": "0.80782", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01446", "scoring_system": "epss", "scoring_elements": "0.80744", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01446", "scoring_system": "epss", "scoring_elements": "0.80752", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01446", "scoring_system": "epss", "scoring_elements": "0.80769", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01446", "scoring_system": "epss", "scoring_elements": "0.80753", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01446", "scoring_system": "epss", "scoring_elements": "0.80745", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01486", "scoring_system": "epss", "scoring_elements": "0.80975", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01486", "scoring_system": "epss", "scoring_elements": "0.80997", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01486", "scoring_system": "epss", "scoring_elements": "0.80999", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-44488" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44488", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44488" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241806", "reference_id": "2241806", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-23T16:14:51Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241806" }, { "reference_url": "https://github.com/webmproject/libvpx/commit/263682c9a29395055f3b3afe2d97be1828a6223f", "reference_id": "263682c9a29395055f3b3afe2d97be1828a6223f", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-23T16:14:51Z/" } ], "url": "https://github.com/webmproject/libvpx/commit/263682c9a29395055f3b3afe2d97be1828a6223f" }, { "reference_url": "https://github.com/webmproject/libvpx/commit/df9fd9d5b7325060b2b921558a1eb20ca7880937", "reference_id": "df9fd9d5b7325060b2b921558a1eb20ca7880937", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-23T16:14:51Z/" } ], "url": "https://github.com/webmproject/libvpx/commit/df9fd9d5b7325060b2b921558a1eb20ca7880937" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5518", "reference_id": "dsa-5518", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-23T16:14:51Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5518" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5534", "reference_id": "RHSA-2023:5534", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5534" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5535", "reference_id": "RHSA-2023:5535", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5535" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5536", "reference_id": "RHSA-2023:5536", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5536" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5537", "reference_id": "RHSA-2023:5537", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5537" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5538", "reference_id": "RHSA-2023:5538", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5538" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5539", "reference_id": "RHSA-2023:5539", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5539" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5540", "reference_id": "RHSA-2023:5540", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5540" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6162", "reference_id": "RHSA-2023:6162", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6162" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6185", "reference_id": "RHSA-2023:6185", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6185" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6186", "reference_id": "RHSA-2023:6186", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6186" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6187", "reference_id": "RHSA-2023:6187", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6187" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6188", "reference_id": "RHSA-2023:6188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6189", "reference_id": "RHSA-2023:6189", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6189" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6190", "reference_id": "RHSA-2023:6190", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6190" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6191", "reference_id": "RHSA-2023:6191", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6191" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6192", "reference_id": "RHSA-2023:6192", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6192" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6194", "reference_id": "RHSA-2023:6194", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6194" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6195", "reference_id": "RHSA-2023:6195", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6195" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6196", "reference_id": "RHSA-2023:6196", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6196" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6197", "reference_id": "RHSA-2023:6197", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6197" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6198", "reference_id": "RHSA-2023:6198", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6198" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6199", "reference_id": "RHSA-2023:6199", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6199" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TE7F54W5O5RS4ZMAAC7YK3CZWQXIDSKB/", "reference_id": "TE7F54W5O5RS4ZMAAC7YK3CZWQXIDSKB", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-23T16:14:51Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TE7F54W5O5RS4ZMAAC7YK3CZWQXIDSKB/" }, { "reference_url": "https://usn.ubuntu.com/6403-1/", "reference_id": "USN-6403-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6403-1/" }, { "reference_url": "https://usn.ubuntu.com/6403-2/", "reference_id": "USN-6403-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6403-2/" }, { "reference_url": "https://usn.ubuntu.com/6403-3/", "reference_id": "USN-6403-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6403-3/" }, { "reference_url": "https://github.com/webmproject/libvpx/compare/v1.13.0...v1.13.1", "reference_id": "v1.13.0...v1.13.1", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-23T16:14:51Z/" } ], "url": "https://github.com/webmproject/libvpx/compare/v1.13.0...v1.13.1" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049205?format=api", "purl": "pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8vka-qus2-tbhj" }, { "vulnerability": "VCID-98mt-7srw-qfh4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.9.0-1%252Bdeb11u3" } ], "aliases": [ "CVE-2023-44488" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mcab-z6qn-gkds" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/92890?format=api", "vulnerability_id": "VCID-nw6w-7x8f-x7fw", "summary": "The decoder_peek_si_internal function in vp9/vp9_dx_iface.c in libvpx in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2016-09-01 allows remote attackers to cause a denial of service (buffer over-read, and device hang or reboot) via a crafted media file, aka internal bug 30013856.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-3881", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00266", "scoring_system": "epss", "scoring_elements": "0.50006", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00266", "scoring_system": "epss", "scoring_elements": "0.50044", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00266", "scoring_system": "epss", "scoring_elements": "0.50072", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00266", "scoring_system": "epss", "scoring_elements": "0.50022", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00266", "scoring_system": "epss", "scoring_elements": "0.50077", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00266", "scoring_system": "epss", "scoring_elements": "0.50069", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00266", "scoring_system": "epss", "scoring_elements": "0.50087", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00266", "scoring_system": "epss", "scoring_elements": "0.50059", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00266", "scoring_system": "epss", "scoring_elements": "0.50055", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00266", "scoring_system": "epss", "scoring_elements": "0.501", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-3881" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3881", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3881" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037260?format=api", "purl": "pkg:deb/debian/libvpx@1.6.1-2~bpo8%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-59n6-fj5x-33gn" }, { "vulnerability": "VCID-7s5h-zrax-hkcv" }, { "vulnerability": "VCID-8vka-qus2-tbhj" }, { "vulnerability": "VCID-98mt-7srw-qfh4" }, { "vulnerability": "VCID-djwx-su1m-57h4" }, { "vulnerability": "VCID-f81v-9fv8-93cd" }, { "vulnerability": "VCID-hhsp-7swr-qybd" }, { "vulnerability": "VCID-kuxu-ty5p-8qbf" }, { "vulnerability": "VCID-mcab-z6qn-gkds" }, { "vulnerability": "VCID-txwy-bkhg-9qfv" }, { "vulnerability": "VCID-ut2r-gvwc-4ydu" }, { "vulnerability": "VCID-veqq-773w-1ba9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.6.1-2~bpo8%252B1" } ], "aliases": [ "CVE-2016-3881" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nw6w-7x8f-x7fw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/84662?format=api", "vulnerability_id": "VCID-qcyp-en6e-vya2", "summary": "libvpx: Denial of service in mediaserver", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-0393.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-0393.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-0393", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00414", "scoring_system": "epss", "scoring_elements": "0.61414", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00414", "scoring_system": "epss", "scoring_elements": "0.6149", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00414", "scoring_system": "epss", "scoring_elements": "0.61519", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00414", "scoring_system": "epss", "scoring_elements": "0.61538", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00414", "scoring_system": "epss", "scoring_elements": "0.61552", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00414", "scoring_system": "epss", "scoring_elements": "0.61573", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00414", "scoring_system": "epss", "scoring_elements": "0.6156", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00414", "scoring_system": "epss", "scoring_elements": "0.6154", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00414", "scoring_system": "epss", "scoring_elements": "0.61582", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-0393" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0393", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0393" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1769657", "reference_id": "1769657", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1769657" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3876", "reference_id": "RHSA-2020:3876", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3876" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037260?format=api", "purl": "pkg:deb/debian/libvpx@1.6.1-2~bpo8%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-59n6-fj5x-33gn" }, { "vulnerability": "VCID-7s5h-zrax-hkcv" }, { "vulnerability": "VCID-8vka-qus2-tbhj" }, { "vulnerability": "VCID-98mt-7srw-qfh4" }, { "vulnerability": "VCID-djwx-su1m-57h4" }, { "vulnerability": "VCID-f81v-9fv8-93cd" }, { "vulnerability": "VCID-hhsp-7swr-qybd" }, { "vulnerability": "VCID-kuxu-ty5p-8qbf" }, { "vulnerability": "VCID-mcab-z6qn-gkds" }, { "vulnerability": "VCID-txwy-bkhg-9qfv" }, { "vulnerability": "VCID-ut2r-gvwc-4ydu" }, { "vulnerability": "VCID-veqq-773w-1ba9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.6.1-2~bpo8%252B1" } ], "aliases": [ "CVE-2017-0393" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qcyp-en6e-vya2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/60742?format=api", "vulnerability_id": "VCID-qjuf-f8ec-byc7", "summary": "security update", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4506.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4506.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-4506", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.07974", "scoring_system": "epss", "scoring_elements": "0.92089", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.07974", "scoring_system": "epss", "scoring_elements": "0.92045", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.07974", "scoring_system": "epss", "scoring_elements": "0.92051", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.07974", "scoring_system": "epss", "scoring_elements": "0.92058", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.07974", "scoring_system": "epss", "scoring_elements": "0.92063", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.07974", "scoring_system": "epss", "scoring_elements": "0.92075", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.07974", "scoring_system": "epss", "scoring_elements": "0.92078", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.07974", "scoring_system": "epss", "scoring_elements": "0.92082", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-4506" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4500", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4500" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4506", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4506" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4509", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4509" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4511", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4511" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4517", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4517" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4519", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4519" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4520", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4520" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4521", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4521" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4522", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4522" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7174", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7174" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7175", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7175" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7176", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7176" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7177", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7177" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7180", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7180" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1265617", "reference_id": "1265617", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1265617" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-101", "reference_id": "mfsa2015-101", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-101" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1834", "reference_id": "RHSA-2015:1834", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1834" }, { "reference_url": "https://usn.ubuntu.com/2743-1/", "reference_id": "USN-2743-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2743-1/" }, { "reference_url": "https://usn.ubuntu.com/2754-1/", "reference_id": "USN-2754-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2754-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037259?format=api", "purl": "pkg:deb/debian/libvpx@1.6.0-2~bpo8%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-59n6-fj5x-33gn" }, { "vulnerability": "VCID-5bx8-w9sb-1bbs" }, { "vulnerability": "VCID-5n7c-tqzz-nfha" }, { "vulnerability": "VCID-7s5h-zrax-hkcv" }, { "vulnerability": "VCID-8vka-qus2-tbhj" }, { "vulnerability": "VCID-98mt-7srw-qfh4" }, { "vulnerability": "VCID-djwx-su1m-57h4" }, { "vulnerability": "VCID-f81v-9fv8-93cd" }, { "vulnerability": "VCID-hhsp-7swr-qybd" }, { "vulnerability": "VCID-hkfy-wbqn-sba8" }, { "vulnerability": "VCID-kuxu-ty5p-8qbf" }, { "vulnerability": "VCID-mcab-z6qn-gkds" }, { "vulnerability": "VCID-nw6w-7x8f-x7fw" }, { "vulnerability": "VCID-qcyp-en6e-vya2" }, { "vulnerability": "VCID-txwy-bkhg-9qfv" }, { "vulnerability": "VCID-ut2r-gvwc-4ydu" }, { "vulnerability": "VCID-veqq-773w-1ba9" }, { "vulnerability": "VCID-wg9d-bt6y-6yfd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.6.0-2~bpo8%252B1" } ], "aliases": [ "CVE-2015-4506" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qjuf-f8ec-byc7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51691?format=api", "vulnerability_id": "VCID-s76d-pjvk-63cr", "summary": "Multiple vulnerabilities have been found in Firefox, Thunderbird,\n Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with\n the worst of which may allow remote execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4485.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4485.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-4485", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.07599", "scoring_system": "epss", "scoring_elements": "0.91871", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.07599", "scoring_system": "epss", "scoring_elements": "0.9181", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.07599", "scoring_system": "epss", "scoring_elements": "0.91818", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.07599", "scoring_system": "epss", "scoring_elements": "0.91824", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.07599", "scoring_system": "epss", "scoring_elements": "0.91832", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.07599", "scoring_system": "epss", "scoring_elements": "0.91845", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.07599", "scoring_system": "epss", "scoring_elements": "0.91851", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.07599", "scoring_system": "epss", "scoring_elements": "0.91855", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.07599", "scoring_system": "epss", "scoring_elements": "0.91856", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.07599", "scoring_system": "epss", "scoring_elements": "0.91852", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-4485" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1252292", "reference_id": "1252292", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1252292" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4485", "reference_id": "CVE-2015-4485", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4485" }, { "reference_url": "https://security.gentoo.org/glsa/201605-06", "reference_id": "GLSA-201605-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201605-06" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-89", "reference_id": "mfsa2015-89", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-89" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1586", "reference_id": "RHSA-2015:1586", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1586" }, { "reference_url": "https://usn.ubuntu.com/2702-1/", "reference_id": "USN-2702-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2702-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037259?format=api", "purl": "pkg:deb/debian/libvpx@1.6.0-2~bpo8%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-59n6-fj5x-33gn" }, { "vulnerability": "VCID-5bx8-w9sb-1bbs" }, { "vulnerability": "VCID-5n7c-tqzz-nfha" }, { "vulnerability": "VCID-7s5h-zrax-hkcv" }, { "vulnerability": "VCID-8vka-qus2-tbhj" }, { "vulnerability": "VCID-98mt-7srw-qfh4" }, { "vulnerability": "VCID-djwx-su1m-57h4" }, { "vulnerability": "VCID-f81v-9fv8-93cd" }, { "vulnerability": "VCID-hhsp-7swr-qybd" }, { "vulnerability": "VCID-hkfy-wbqn-sba8" }, { "vulnerability": "VCID-kuxu-ty5p-8qbf" }, { "vulnerability": "VCID-mcab-z6qn-gkds" }, { "vulnerability": "VCID-nw6w-7x8f-x7fw" }, { "vulnerability": "VCID-qcyp-en6e-vya2" }, { "vulnerability": "VCID-txwy-bkhg-9qfv" }, { "vulnerability": "VCID-ut2r-gvwc-4ydu" }, { "vulnerability": "VCID-veqq-773w-1ba9" }, { "vulnerability": "VCID-wg9d-bt6y-6yfd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.6.0-2~bpo8%252B1" } ], "aliases": [ "CVE-2015-4485" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-s76d-pjvk-63cr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51693?format=api", "vulnerability_id": "VCID-tbkw-k4a7-43fp", "summary": "Multiple vulnerabilities have been found in Firefox, Thunderbird,\n Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with\n the worst of which may allow remote execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4486.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4486.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-4486", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01667", "scoring_system": "epss", "scoring_elements": "0.82134", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01667", "scoring_system": "epss", "scoring_elements": "0.82035", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01667", "scoring_system": "epss", "scoring_elements": "0.82047", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01667", "scoring_system": "epss", "scoring_elements": "0.82068", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01667", "scoring_system": "epss", "scoring_elements": "0.82064", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01667", "scoring_system": "epss", "scoring_elements": "0.8209", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01667", "scoring_system": "epss", "scoring_elements": "0.82097", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01667", "scoring_system": "epss", "scoring_elements": "0.82116", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01667", "scoring_system": "epss", "scoring_elements": "0.82107", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01667", "scoring_system": "epss", "scoring_elements": "0.82099", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-4486" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1252292", "reference_id": "1252292", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1252292" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4486", "reference_id": "CVE-2015-4486", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4486" }, { "reference_url": "https://security.gentoo.org/glsa/201605-06", "reference_id": "GLSA-201605-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201605-06" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-89", "reference_id": "mfsa2015-89", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2015-89" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1586", "reference_id": "RHSA-2015:1586", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1586" }, { "reference_url": "https://usn.ubuntu.com/2702-1/", "reference_id": "USN-2702-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2702-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037259?format=api", "purl": "pkg:deb/debian/libvpx@1.6.0-2~bpo8%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-59n6-fj5x-33gn" }, { "vulnerability": "VCID-5bx8-w9sb-1bbs" }, { "vulnerability": "VCID-5n7c-tqzz-nfha" }, { "vulnerability": "VCID-7s5h-zrax-hkcv" }, { "vulnerability": "VCID-8vka-qus2-tbhj" }, { "vulnerability": "VCID-98mt-7srw-qfh4" }, { "vulnerability": "VCID-djwx-su1m-57h4" }, { "vulnerability": "VCID-f81v-9fv8-93cd" }, { "vulnerability": "VCID-hhsp-7swr-qybd" }, { "vulnerability": "VCID-hkfy-wbqn-sba8" }, { "vulnerability": "VCID-kuxu-ty5p-8qbf" }, { "vulnerability": "VCID-mcab-z6qn-gkds" }, { "vulnerability": "VCID-nw6w-7x8f-x7fw" }, { "vulnerability": "VCID-qcyp-en6e-vya2" }, { "vulnerability": "VCID-txwy-bkhg-9qfv" }, { "vulnerability": "VCID-ut2r-gvwc-4ydu" }, { "vulnerability": "VCID-veqq-773w-1ba9" }, { "vulnerability": "VCID-wg9d-bt6y-6yfd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.6.0-2~bpo8%252B1" } ], "aliases": [ "CVE-2015-4486" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tbkw-k4a7-43fp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47984?format=api", "vulnerability_id": "VCID-txwy-bkhg-9qfv", "summary": "Multiple vulnerabilities have been found in libvpx, the worst of\n which could result in the execution of arbitrary code.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00049.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00049.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9325.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9325.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9325", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0889", "scoring_system": "epss", "scoring_elements": "0.92528", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0889", "scoring_system": "epss", "scoring_elements": "0.92576", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0889", "scoring_system": "epss", "scoring_elements": "0.92559", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0889", "scoring_system": "epss", "scoring_elements": "0.92565", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0889", "scoring_system": "epss", "scoring_elements": "0.92566", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0889", "scoring_system": "epss", "scoring_elements": "0.92533", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0889", "scoring_system": "epss", "scoring_elements": "0.9254", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0889", "scoring_system": "epss", "scoring_elements": "0.92543", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0889", "scoring_system": "epss", "scoring_elements": "0.92554", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9325" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9232", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9232" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9325", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9325" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9433", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9433" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DQSTK442ATWJOR4TU3MR6C3N5A6NDFFN/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DQSTK442ATWJOR4TU3MR6C3N5A6NDFFN/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U2IIA3RSYABBUCFIHXIRVUT5CTJVWWZ6/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U2IIA3RSYABBUCFIHXIRVUT5CTJVWWZ6/" }, { "reference_url": "https://seclists.org/bugtraq/2019/Nov/43", "reference_id": "", "reference_type": "", "scores": [], "url": "https://seclists.org/bugtraq/2019/Nov/43" }, { "reference_url": "https://source.android.com/security/bulletin/android-10", "reference_id": "", "reference_type": "", "scores": [], "url": "https://source.android.com/security/bulletin/android-10" }, { "reference_url": "https://www.debian.org/security/2019/dsa-4578", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2019/dsa-4578" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2019/10/25/17", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2019/10/25/17" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2019/10/27/1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2019/10/27/1" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2019/11/07/1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2019/11/07/1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1789002", "reference_id": "1789002", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1789002" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9325", "reference_id": "CVE-2019-9325", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:N" }, { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9325" }, { "reference_url": "https://security.gentoo.org/glsa/202003-59", "reference_id": "GLSA-202003-59", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202003-59" }, { "reference_url": "https://usn.ubuntu.com/4199-1/", "reference_id": "USN-4199-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4199-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037261?format=api", "purl": "pkg:deb/debian/libvpx@1.6.1-3%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-59n6-fj5x-33gn" }, { "vulnerability": "VCID-7s5h-zrax-hkcv" }, { "vulnerability": "VCID-8vka-qus2-tbhj" }, { "vulnerability": "VCID-98mt-7srw-qfh4" }, { "vulnerability": "VCID-djwx-su1m-57h4" }, { "vulnerability": "VCID-f81v-9fv8-93cd" }, { "vulnerability": "VCID-hhsp-7swr-qybd" }, { "vulnerability": "VCID-kuxu-ty5p-8qbf" }, { "vulnerability": "VCID-mcab-z6qn-gkds" }, { "vulnerability": "VCID-txwy-bkhg-9qfv" }, { "vulnerability": "VCID-ut2r-gvwc-4ydu" }, { "vulnerability": "VCID-veqq-773w-1ba9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.6.1-3%252Bdeb9u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1038071?format=api", "purl": "pkg:deb/debian/libvpx@1.7.0-3%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-59n6-fj5x-33gn" }, { "vulnerability": "VCID-8vka-qus2-tbhj" }, { "vulnerability": "VCID-98mt-7srw-qfh4" }, { "vulnerability": "VCID-djwx-su1m-57h4" }, { "vulnerability": "VCID-f81v-9fv8-93cd" }, { "vulnerability": "VCID-kuxu-ty5p-8qbf" }, { "vulnerability": "VCID-mcab-z6qn-gkds" }, { "vulnerability": "VCID-txwy-bkhg-9qfv" }, { "vulnerability": "VCID-ut2r-gvwc-4ydu" }, { "vulnerability": "VCID-veqq-773w-1ba9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.7.0-3%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049205?format=api", "purl": "pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8vka-qus2-tbhj" }, { "vulnerability": "VCID-98mt-7srw-qfh4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.9.0-1%252Bdeb11u3" } ], "aliases": [ "CVE-2019-9325" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-txwy-bkhg-9qfv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47985?format=api", "vulnerability_id": "VCID-ut2r-gvwc-4ydu", "summary": "Multiple vulnerabilities have been found in libvpx, the worst of\n which could result in the execution of arbitrary code.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00049.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00049.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9371.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9371.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9371", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.17758", "scoring_system": "epss", "scoring_elements": "0.95088", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.17758", "scoring_system": "epss", "scoring_elements": "0.9513", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.17758", "scoring_system": "epss", "scoring_elements": "0.95118", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.17758", "scoring_system": "epss", "scoring_elements": "0.9512", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.17758", "scoring_system": "epss", "scoring_elements": "0.95123", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.17758", "scoring_system": "epss", "scoring_elements": "0.95099", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.17758", "scoring_system": "epss", "scoring_elements": "0.951", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.17758", "scoring_system": "epss", "scoring_elements": "0.95102", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.17758", "scoring_system": "epss", "scoring_elements": "0.95109", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.17758", "scoring_system": "epss", "scoring_elements": "0.95112", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9371" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9371", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9371" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DQSTK442ATWJOR4TU3MR6C3N5A6NDFFN/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DQSTK442ATWJOR4TU3MR6C3N5A6NDFFN/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U2IIA3RSYABBUCFIHXIRVUT5CTJVWWZ6/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U2IIA3RSYABBUCFIHXIRVUT5CTJVWWZ6/" }, { "reference_url": "https://seclists.org/bugtraq/2019/Nov/43", "reference_id": "", "reference_type": "", "scores": [], "url": "https://seclists.org/bugtraq/2019/Nov/43" }, { "reference_url": "https://source.android.com/security/bulletin/android-10", "reference_id": "", "reference_type": "", "scores": [], "url": "https://source.android.com/security/bulletin/android-10" }, { "reference_url": "https://www.debian.org/security/2019/dsa-4578", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2019/dsa-4578" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2019/10/25/17", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2019/10/25/17" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2019/10/27/1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2019/10/27/1" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2019/11/07/1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2019/11/07/1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1789004", "reference_id": "1789004", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1789004" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9371", "reference_id": "CVE-2019-9371", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:C" }, { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9371" }, { "reference_url": "https://security.gentoo.org/glsa/202003-59", "reference_id": "GLSA-202003-59", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202003-59" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4629", "reference_id": "RHSA-2020:4629", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4629" }, { "reference_url": "https://usn.ubuntu.com/4199-1/", "reference_id": "USN-4199-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4199-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049205?format=api", "purl": "pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8vka-qus2-tbhj" }, { "vulnerability": "VCID-98mt-7srw-qfh4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.9.0-1%252Bdeb11u3" } ], "aliases": [ "CVE-2019-9371" ], "risk_score": 3.2, "exploitability": "0.5", "weighted_severity": "6.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ut2r-gvwc-4ydu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/75394?format=api", "vulnerability_id": "VCID-veqq-773w-1ba9", "summary": "libvpx: Integer overflow in vpx_img_alloc()", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-5197.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-5197.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-5197", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00325", "scoring_system": "epss", "scoring_elements": "0.55535", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00325", "scoring_system": "epss", "scoring_elements": "0.55511", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00325", "scoring_system": "epss", "scoring_elements": "0.55562", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00325", "scoring_system": "epss", "scoring_elements": "0.55563", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00325", "scoring_system": "epss", "scoring_elements": "0.55572", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00325", "scoring_system": "epss", "scoring_elements": "0.55552", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00325", "scoring_system": "epss", "scoring_elements": "0.5551", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00325", "scoring_system": "epss", "scoring_elements": "0.55534", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-5197" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5197", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5197" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2291198", "reference_id": "2291198", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2291198" }, { "reference_url": "https://g-issues.chromium.org/issues/332382766", "reference_id": "332382766", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:P/VC:L/VI:H/VA:N/SC:L/SI:L/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-03T17:27:56Z/" } ], "url": "https://g-issues.chromium.org/issues/332382766" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00005.html", "reference_id": "msg00005.html", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:P/VC:L/VI:H/VA:N/SC:L/SI:L/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-03T17:27:56Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00005.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5941", "reference_id": "RHSA-2024:5941", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5941" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9827", "reference_id": "RHSA-2024:9827", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9827" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14138", "reference_id": "RHSA-2025:14138", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14138" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14139", "reference_id": "RHSA-2025:14139", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14139" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14140", "reference_id": "RHSA-2025:14140", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14140" }, { "reference_url": "https://usn.ubuntu.com/6814-1/", "reference_id": "USN-6814-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6814-1/" }, { "reference_url": "https://usn.ubuntu.com/7249-1/", "reference_id": "USN-7249-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7249-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049205?format=api", "purl": "pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-8vka-qus2-tbhj" }, { "vulnerability": "VCID-98mt-7srw-qfh4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.9.0-1%252Bdeb11u3" } ], "aliases": [ "CVE-2024-5197" ], "risk_score": 3.2, "exploitability": "0.5", "weighted_severity": "6.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-veqq-773w-1ba9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/92941?format=api", "vulnerability_id": "VCID-wg9d-bt6y-6yfd", "summary": "A remote denial of service vulnerability in libvpx in Mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-11-01 could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High due to the possibility of remote denial of service. Android ID: A-30593765.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6711", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00452", "scoring_system": "epss", "scoring_elements": "0.63632", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00452", "scoring_system": "epss", "scoring_elements": "0.63692", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00452", "scoring_system": "epss", "scoring_elements": "0.63718", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00452", "scoring_system": "epss", "scoring_elements": "0.63678", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00452", "scoring_system": "epss", "scoring_elements": "0.6373", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00452", "scoring_system": "epss", "scoring_elements": "0.63747", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00452", "scoring_system": "epss", "scoring_elements": "0.63761", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00452", "scoring_system": "epss", "scoring_elements": "0.63746", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00452", "scoring_system": "epss", "scoring_elements": "0.63713", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00452", "scoring_system": "epss", "scoring_elements": "0.63748", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6711" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6711", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6711" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037260?format=api", "purl": "pkg:deb/debian/libvpx@1.6.1-2~bpo8%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-59n6-fj5x-33gn" }, { "vulnerability": "VCID-7s5h-zrax-hkcv" }, { "vulnerability": "VCID-8vka-qus2-tbhj" }, { "vulnerability": "VCID-98mt-7srw-qfh4" }, { "vulnerability": "VCID-djwx-su1m-57h4" }, { "vulnerability": "VCID-f81v-9fv8-93cd" }, { "vulnerability": "VCID-hhsp-7swr-qybd" }, { "vulnerability": "VCID-kuxu-ty5p-8qbf" }, { "vulnerability": "VCID-mcab-z6qn-gkds" }, { "vulnerability": "VCID-txwy-bkhg-9qfv" }, { "vulnerability": "VCID-ut2r-gvwc-4ydu" }, { "vulnerability": "VCID-veqq-773w-1ba9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.6.1-2~bpo8%252B1" } ], "aliases": [ "CVE-2016-6711" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wg9d-bt6y-6yfd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/60235?format=api", "vulnerability_id": "VCID-yhw4-v629-jye8", "summary": "Multiple vulnerabilities have been fixed in Chromium, the worst of\n which can cause arbitrary remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1258.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1258.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-1258", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02136", "scoring_system": "epss", "scoring_elements": "0.84125", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02136", "scoring_system": "epss", "scoring_elements": "0.84138", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02136", "scoring_system": "epss", "scoring_elements": "0.84156", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02136", "scoring_system": "epss", "scoring_elements": "0.84158", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02136", "scoring_system": "epss", "scoring_elements": "0.8418", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02136", "scoring_system": "epss", "scoring_elements": "0.84187", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02136", "scoring_system": "epss", "scoring_elements": "0.84204", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02136", "scoring_system": "epss", "scoring_elements": "0.84199", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02136", "scoring_system": "epss", "scoring_elements": "0.84195", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02136", "scoring_system": "epss", "scoring_elements": "0.84217", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-1258" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1251", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1251" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1252", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1252" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1253", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1253" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1254", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1254" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1255", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1255" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1256", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1256" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1257", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1257" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1258", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1258" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1259", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1259" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1260", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1260" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1261", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1261" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1262", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1262" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1263", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1263" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1264", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1264" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1265", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1265" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3910", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3910" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1223266", "reference_id": "1223266", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1223266" }, { "reference_url": "https://security.gentoo.org/glsa/201506-04", "reference_id": "GLSA-201506-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201506-04" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1023", "reference_id": "RHSA-2015:1023", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1023" }, { "reference_url": "https://usn.ubuntu.com/2610-1/", "reference_id": "USN-2610-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2610-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037259?format=api", "purl": "pkg:deb/debian/libvpx@1.6.0-2~bpo8%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-59n6-fj5x-33gn" }, { "vulnerability": "VCID-5bx8-w9sb-1bbs" }, { "vulnerability": "VCID-5n7c-tqzz-nfha" }, { "vulnerability": "VCID-7s5h-zrax-hkcv" }, { "vulnerability": "VCID-8vka-qus2-tbhj" }, { "vulnerability": "VCID-98mt-7srw-qfh4" }, { "vulnerability": "VCID-djwx-su1m-57h4" }, { "vulnerability": "VCID-f81v-9fv8-93cd" }, { "vulnerability": "VCID-hhsp-7swr-qybd" }, { "vulnerability": "VCID-hkfy-wbqn-sba8" }, { "vulnerability": "VCID-kuxu-ty5p-8qbf" }, { "vulnerability": "VCID-mcab-z6qn-gkds" }, { "vulnerability": "VCID-nw6w-7x8f-x7fw" }, { "vulnerability": "VCID-qcyp-en6e-vya2" }, { "vulnerability": "VCID-txwy-bkhg-9qfv" }, { "vulnerability": "VCID-ut2r-gvwc-4ydu" }, { "vulnerability": "VCID-veqq-773w-1ba9" }, { "vulnerability": "VCID-wg9d-bt6y-6yfd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.6.0-2~bpo8%252B1" } ], "aliases": [ "CVE-2015-1258" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yhw4-v629-jye8" } ], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/87153?format=api", "vulnerability_id": "VCID-4mzm-67bs-d3h9", "summary": "libvpx: VP8 Codec decoder crash introduced in 0.9.7", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0823.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0823.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-0823", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01214", "scoring_system": "epss", "scoring_elements": "0.78966", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01214", "scoring_system": "epss", "scoring_elements": "0.78972", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01214", "scoring_system": "epss", "scoring_elements": "0.78998", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01214", "scoring_system": "epss", "scoring_elements": "0.78983", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01214", "scoring_system": "epss", "scoring_elements": "0.79007", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01214", "scoring_system": "epss", "scoring_elements": "0.79014", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01214", "scoring_system": "epss", "scoring_elements": "0.79038", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01214", "scoring_system": "epss", "scoring_elements": "0.79022", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01214", "scoring_system": "epss", "scoring_elements": "0.79012", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01214", "scoring_system": "epss", "scoring_elements": "0.7904", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-0823" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0823", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0823" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=785640", "reference_id": "785640", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=785640" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1036424?format=api", "purl": "pkg:deb/debian/libvpx@1.1.0-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4xgr-unyn-jkfj" }, { "vulnerability": "VCID-59n6-fj5x-33gn" }, { "vulnerability": "VCID-5bx8-w9sb-1bbs" }, { "vulnerability": "VCID-5n7c-tqzz-nfha" }, { "vulnerability": "VCID-7s5h-zrax-hkcv" }, { "vulnerability": "VCID-8vka-qus2-tbhj" }, { "vulnerability": "VCID-98mt-7srw-qfh4" }, { "vulnerability": "VCID-djwx-su1m-57h4" }, { "vulnerability": "VCID-f81v-9fv8-93cd" }, { "vulnerability": "VCID-hhsp-7swr-qybd" }, { "vulnerability": "VCID-hkfy-wbqn-sba8" }, { "vulnerability": "VCID-kuxu-ty5p-8qbf" }, { "vulnerability": "VCID-mcab-z6qn-gkds" }, { "vulnerability": "VCID-nw6w-7x8f-x7fw" }, { "vulnerability": "VCID-qcyp-en6e-vya2" }, { "vulnerability": "VCID-qjuf-f8ec-byc7" }, { "vulnerability": "VCID-s76d-pjvk-63cr" }, { "vulnerability": "VCID-tbkw-k4a7-43fp" }, { "vulnerability": "VCID-txwy-bkhg-9qfv" }, { "vulnerability": "VCID-ut2r-gvwc-4ydu" }, { "vulnerability": "VCID-veqq-773w-1ba9" }, { "vulnerability": "VCID-wg9d-bt6y-6yfd" }, { "vulnerability": "VCID-yhw4-v629-jye8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.1.0-1" } ], "aliases": [ "CVE-2012-0823" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4mzm-67bs-d3h9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/87525?format=api", "vulnerability_id": "VCID-d1xs-2tfm-2ud6", "summary": "libvpx: Signedness error in partition size check", "references": [ { "reference_url": "http://code.google.com/p/chromium/issues/detail?id=61653", "reference_id": "", "reference_type": "", "scores": [], "url": "http://code.google.com/p/chromium/issues/detail?id=61653" }, { "reference_url": "http://googlechromereleases.blogspot.com/2010/12/stable-beta-channel-updates.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://googlechromereleases.blogspot.com/2010/12/stable-beta-channel-updates.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4489.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4489.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-4489", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00763", "scoring_system": "epss", "scoring_elements": "0.73439", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00763", "scoring_system": "epss", "scoring_elements": "0.73345", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00763", "scoring_system": "epss", "scoring_elements": "0.73355", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00763", "scoring_system": "epss", "scoring_elements": "0.73378", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00763", "scoring_system": "epss", "scoring_elements": "0.7335", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00763", "scoring_system": "epss", "scoring_elements": "0.73387", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00763", "scoring_system": "epss", "scoring_elements": "0.73401", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00763", "scoring_system": "epss", "scoring_elements": "0.73424", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00763", "scoring_system": "epss", "scoring_elements": "0.73404", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00763", "scoring_system": "epss", "scoring_elements": "0.73396", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-4489" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4489", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4489" }, { "reference_url": "http://secunia.com/advisories/42472", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/42472" }, { "reference_url": "http://secunia.com/advisories/43728", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/43728" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11919", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11919" }, { "reference_url": "http://www.ubuntu.com/usn/USN-1087-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-1087-1" }, { "reference_url": "http://www.vupen.com/english/advisories/2011/0662", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2011/0662" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=610510", "reference_id": "610510", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=610510" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=670840", "reference_id": "670840", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=670840" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2010-4489", "reference_id": "CVE-2010-4489", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-4489" }, { "reference_url": "https://usn.ubuntu.com/1087-1/", "reference_id": "USN-1087-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1087-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1036424?format=api", "purl": "pkg:deb/debian/libvpx@1.1.0-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4xgr-unyn-jkfj" }, { "vulnerability": "VCID-59n6-fj5x-33gn" }, { "vulnerability": "VCID-5bx8-w9sb-1bbs" }, { "vulnerability": "VCID-5n7c-tqzz-nfha" }, { "vulnerability": "VCID-7s5h-zrax-hkcv" }, { "vulnerability": "VCID-8vka-qus2-tbhj" }, { "vulnerability": "VCID-98mt-7srw-qfh4" }, { "vulnerability": "VCID-djwx-su1m-57h4" }, { "vulnerability": "VCID-f81v-9fv8-93cd" }, { "vulnerability": "VCID-hhsp-7swr-qybd" }, { "vulnerability": "VCID-hkfy-wbqn-sba8" }, { "vulnerability": "VCID-kuxu-ty5p-8qbf" }, { "vulnerability": "VCID-mcab-z6qn-gkds" }, { "vulnerability": "VCID-nw6w-7x8f-x7fw" }, { "vulnerability": "VCID-qcyp-en6e-vya2" }, { "vulnerability": "VCID-qjuf-f8ec-byc7" }, { "vulnerability": "VCID-s76d-pjvk-63cr" }, { "vulnerability": "VCID-tbkw-k4a7-43fp" }, { "vulnerability": "VCID-txwy-bkhg-9qfv" }, { "vulnerability": "VCID-ut2r-gvwc-4ydu" }, { "vulnerability": "VCID-veqq-773w-1ba9" }, { "vulnerability": "VCID-wg9d-bt6y-6yfd" }, { "vulnerability": "VCID-yhw4-v629-jye8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.1.0-1" } ], "aliases": [ "CVE-2010-4489" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d1xs-2tfm-2ud6" } ], "risk_score": "10.0", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.1.0-1" }