Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/libvpx@1.6.1-2~bpo8%2B1

Type deb

Namespace debian

Name libvpx

Version 1.6.1-2~bpo8+1

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 1.12.0-1+deb12u4

Latest_non_vulnerable_version 1.12.0-1+deb12u4

Affected_by_vulnerabilities

url VCID-59n6-fj5x-33gn

vulnerability_id VCID-59n6-fj5x-33gn

summary

Multiple vulnerabilities have been found in libvpx, the worst of
    which could result in the execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00049.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00049.html

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9232.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9232.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-9232

reference_id

reference_type

scores

value	0.09266
scoring_system	epss
scoring_elements	0.92699
published_at	2026-04-01T12:55:00Z

value	0.09266
scoring_system	epss
scoring_elements	0.92742
published_at	2026-04-18T12:55:00Z

value	0.09266
scoring_system	epss
scoring_elements	0.92726
published_at	2026-04-09T12:55:00Z

value	0.09266
scoring_system	epss
scoring_elements	0.92731
published_at	2026-04-11T12:55:00Z

value	0.09266
scoring_system	epss
scoring_elements	0.9273
published_at	2026-04-13T12:55:00Z

value	0.09266
scoring_system	epss
scoring_elements	0.92706
published_at	2026-04-02T12:55:00Z

value	0.09266
scoring_system	epss
scoring_elements	0.92713
published_at	2026-04-04T12:55:00Z

value	0.09266
scoring_system	epss
scoring_elements	0.92711
published_at	2026-04-07T12:55:00Z

value	0.09266
scoring_system	epss
scoring_elements	0.92721
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-9232

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9232
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9232

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9325
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9325

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9433
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9433

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2019/11/msg00030.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2019/11/msg00030.html

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DQSTK442ATWJOR4TU3MR6C3N5A6NDFFN/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DQSTK442ATWJOR4TU3MR6C3N5A6NDFFN/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U2IIA3RSYABBUCFIHXIRVUT5CTJVWWZ6/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U2IIA3RSYABBUCFIHXIRVUT5CTJVWWZ6/

reference_url	https://seclists.org/bugtraq/2019/Nov/43
reference_id
reference_type
scores
url	https://seclists.org/bugtraq/2019/Nov/43

reference_url	https://source.android.com/security/bulletin/android-10
reference_id
reference_type
scores
url	https://source.android.com/security/bulletin/android-10

reference_url	https://www.debian.org/security/2019/dsa-4578
reference_id
reference_type
scores
url	https://www.debian.org/security/2019/dsa-4578

reference_url	http://www.openwall.com/lists/oss-security/2019/10/25/17
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2019/10/25/17

reference_url	http://www.openwall.com/lists/oss-security/2019/10/27/1
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2019/10/27/1

reference_url	http://www.openwall.com/lists/oss-security/2019/11/07/1
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2019/11/07/1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1788966
reference_id	1788966
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1788966

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:19.04:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:10.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:30:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:31:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:10.0:::::::*
reference_id	cpe:2.3:o:google:android:10.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:10.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:15.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-9232

reference_id

CVE-2019-9232

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:N/A:N

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2019-9232

reference_url	https://security.gentoo.org/glsa/202003-59
reference_id	GLSA-202003-59
reference_type
scores
url	https://security.gentoo.org/glsa/202003-59

reference_url	https://access.redhat.com/errata/RHSA-2020:3876
reference_id	RHSA-2020:3876
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3876

reference_url	https://access.redhat.com/errata/RHSA-2020:4629
reference_id	RHSA-2020:4629
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4629

reference_url	https://usn.ubuntu.com/4199-1/
reference_id	USN-4199-1
reference_type
scores
url	https://usn.ubuntu.com/4199-1/

reference_url	https://usn.ubuntu.com/4199-2/
reference_id	USN-4199-2
reference_type
scores
url	https://usn.ubuntu.com/4199-2/

fixed_packages

url pkg:deb/debian/libvpx@1.6.1-3%2Bdeb9u2

purl pkg:deb/debian/libvpx@1.6.1-3%2Bdeb9u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-59n6-fj5x-33gn

vulnerability	VCID-7s5h-zrax-hkcv

vulnerability	VCID-8vka-qus2-tbhj

vulnerability	VCID-98mt-7srw-qfh4

vulnerability	VCID-djwx-su1m-57h4

vulnerability	VCID-f81v-9fv8-93cd

vulnerability	VCID-hhsp-7swr-qybd

vulnerability	VCID-kuxu-ty5p-8qbf

vulnerability	VCID-mcab-z6qn-gkds

vulnerability	VCID-txwy-bkhg-9qfv

vulnerability	VCID-ut2r-gvwc-4ydu

vulnerability	VCID-veqq-773w-1ba9

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.6.1-3%252Bdeb9u2

url pkg:deb/debian/libvpx@1.7.0-3%2Bdeb10u1

purl pkg:deb/debian/libvpx@1.7.0-3%2Bdeb10u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-59n6-fj5x-33gn

vulnerability	VCID-8vka-qus2-tbhj

vulnerability	VCID-98mt-7srw-qfh4

vulnerability	VCID-djwx-su1m-57h4

vulnerability	VCID-f81v-9fv8-93cd

vulnerability	VCID-kuxu-ty5p-8qbf

vulnerability	VCID-mcab-z6qn-gkds

vulnerability	VCID-txwy-bkhg-9qfv

vulnerability	VCID-ut2r-gvwc-4ydu

vulnerability	VCID-veqq-773w-1ba9

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.7.0-3%252Bdeb10u1

url pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3

purl pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8vka-qus2-tbhj

vulnerability	VCID-98mt-7srw-qfh4

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.9.0-1%252Bdeb11u3

aliases CVE-2019-9232

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-59n6-fj5x-33gn

url VCID-7s5h-zrax-hkcv

vulnerability_id VCID-7s5h-zrax-hkcv

summary libvpx: Out of bounds read in vp8_decode_frame in decodeframe.c

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00048.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00048.html

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-0034.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-0034.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-0034

reference_id

reference_type

scores

value	0.0451
scoring_system	epss
scoring_elements	0.89088
published_at	2026-04-01T12:55:00Z

value	0.0451
scoring_system	epss
scoring_elements	0.89155
published_at	2026-04-18T12:55:00Z

value	0.0451
scoring_system	epss
scoring_elements	0.89148
published_at	2026-04-11T12:55:00Z

value	0.0451
scoring_system	epss
scoring_elements	0.89144
published_at	2026-04-12T12:55:00Z

value	0.0451
scoring_system	epss
scoring_elements	0.89142
published_at	2026-04-13T12:55:00Z

value	0.0451
scoring_system	epss
scoring_elements	0.89097
published_at	2026-04-02T12:55:00Z

value	0.0451
scoring_system	epss
scoring_elements	0.89112
published_at	2026-04-04T12:55:00Z

value	0.0451
scoring_system	epss
scoring_elements	0.89114
published_at	2026-04-07T12:55:00Z

value	0.0451
scoring_system	epss
scoring_elements	0.89132
published_at	2026-04-08T12:55:00Z

value	0.0451
scoring_system	epss
scoring_elements	0.89137
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-0034

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-0034
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-0034

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2021/11/msg00024.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2021/11/msg00024.html

reference_url	https://source.android.com/security/bulletin/2020-03-01
reference_id
reference_type
scores
url	https://source.android.com/security/bulletin/2020-03-01

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1813000
reference_id	1813000
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1813000

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:8.0:::::::*
reference_id	cpe:2.3:o:google:android:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:8.1:::::::*
reference_id	cpe:2.3:o:google:android:8.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:8.1:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-0034

reference_id

CVE-2020-0034

reference_type

scores

value	7.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:C/I:N/A:N

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2020-0034

reference_url	https://access.redhat.com/errata/RHSA-2020:3876
reference_id	RHSA-2020:3876
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3876

reference_url	https://usn.ubuntu.com/5637-1/
reference_id	USN-5637-1
reference_type
scores
url	https://usn.ubuntu.com/5637-1/

fixed_packages

url pkg:deb/debian/libvpx@1.7.0-3%2Bdeb10u1

purl pkg:deb/debian/libvpx@1.7.0-3%2Bdeb10u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-59n6-fj5x-33gn

vulnerability	VCID-8vka-qus2-tbhj

vulnerability	VCID-98mt-7srw-qfh4

vulnerability	VCID-djwx-su1m-57h4

vulnerability	VCID-f81v-9fv8-93cd

vulnerability	VCID-kuxu-ty5p-8qbf

vulnerability	VCID-mcab-z6qn-gkds

vulnerability	VCID-txwy-bkhg-9qfv

vulnerability	VCID-ut2r-gvwc-4ydu

vulnerability	VCID-veqq-773w-1ba9

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.7.0-3%252Bdeb10u1

aliases CVE-2020-0034

risk_score 3.5

exploitability 0.5

weighted_severity 7.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7s5h-zrax-hkcv

url VCID-8vka-qus2-tbhj

vulnerability_id VCID-8vka-qus2-tbhj

summary Heap buffer overflow in libvpx. This vulnerability affects Firefox < 147.0.4, Firefox ESR < 140.7.1, Firefox ESR < 115.32.1, Thunderbird < 140.7.2, and Thunderbird < 147.0.2.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2447.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2447.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-2447

reference_id

reference_type

scores

value	0.00017
scoring_system	epss
scoring_elements	0.03927
published_at	2026-04-09T12:55:00Z

value	0.00017
scoring_system	epss
scoring_elements	0.03884
published_at	2026-04-04T12:55:00Z

value	0.00017
scoring_system	epss
scoring_elements	0.03897
published_at	2026-04-07T12:55:00Z

value	0.00017
scoring_system	epss
scoring_elements	0.03902
published_at	2026-04-08T12:55:00Z

value	0.00017
scoring_system	epss
scoring_elements	0.03896
published_at	2026-04-11T12:55:00Z

value	0.00017
scoring_system	epss
scoring_elements	0.03874
published_at	2026-04-02T12:55:00Z

value	0.00017
scoring_system	epss
scoring_elements	0.03839
published_at	2026-04-18T12:55:00Z

value	0.00017
scoring_system	epss
scoring_elements	0.03829
published_at	2026-04-16T12:55:00Z

value	0.00017
scoring_system	epss
scoring_elements	0.0385
published_at	2026-04-13T12:55:00Z

value	0.00017
scoring_system	epss
scoring_elements	0.03877
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-2447

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2447
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2447

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1128283
reference_id	1128283
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1128283

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2440219
reference_id	2440219
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2440219

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-10

reference_id

mfsa2026-10

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-10

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-10/

reference_id

mfsa2026-10

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-17T14:52:59Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-10/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-11

reference_id

mfsa2026-11

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-11

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-11/

reference_id

mfsa2026-11

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-17T14:52:59Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-11/

reference_url	https://access.redhat.com/errata/RHSA-2026:3338
reference_id	RHSA-2026:3338
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3338

reference_url	https://access.redhat.com/errata/RHSA-2026:3339
reference_id	RHSA-2026:3339
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3339

reference_url	https://access.redhat.com/errata/RHSA-2026:3361
reference_id	RHSA-2026:3361
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3361

reference_url	https://access.redhat.com/errata/RHSA-2026:3491
reference_id	RHSA-2026:3491
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3491

reference_url	https://access.redhat.com/errata/RHSA-2026:3492
reference_id	RHSA-2026:3492
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3492

reference_url	https://access.redhat.com/errata/RHSA-2026:3493
reference_id	RHSA-2026:3493
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3493

reference_url	https://access.redhat.com/errata/RHSA-2026:3494
reference_id	RHSA-2026:3494
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3494

reference_url	https://access.redhat.com/errata/RHSA-2026:3495
reference_id	RHSA-2026:3495
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3495

reference_url	https://access.redhat.com/errata/RHSA-2026:3496
reference_id	RHSA-2026:3496
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3496

reference_url	https://access.redhat.com/errata/RHSA-2026:3497
reference_id	RHSA-2026:3497
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3497

reference_url	https://access.redhat.com/errata/RHSA-2026:3515
reference_id	RHSA-2026:3515
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3515

reference_url	https://access.redhat.com/errata/RHSA-2026:3516
reference_id	RHSA-2026:3516
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3516

reference_url	https://access.redhat.com/errata/RHSA-2026:3517
reference_id	RHSA-2026:3517
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3517

reference_url	https://access.redhat.com/errata/RHSA-2026:3967
reference_id	RHSA-2026:3967
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3967

reference_url	https://access.redhat.com/errata/RHSA-2026:3976
reference_id	RHSA-2026:3976
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3976

reference_url	https://access.redhat.com/errata/RHSA-2026:3978
reference_id	RHSA-2026:3978
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3978

reference_url	https://access.redhat.com/errata/RHSA-2026:3979
reference_id	RHSA-2026:3979
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3979

reference_url	https://access.redhat.com/errata/RHSA-2026:3980
reference_id	RHSA-2026:3980
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3980

reference_url	https://access.redhat.com/errata/RHSA-2026:3981
reference_id	RHSA-2026:3981
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3981

reference_url	https://access.redhat.com/errata/RHSA-2026:3982
reference_id	RHSA-2026:3982
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3982

reference_url	https://access.redhat.com/errata/RHSA-2026:3983
reference_id	RHSA-2026:3983
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3983

reference_url	https://access.redhat.com/errata/RHSA-2026:3984
reference_id	RHSA-2026:3984
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3984

reference_url	https://access.redhat.com/errata/RHSA-2026:4022
reference_id	RHSA-2026:4022
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4022

reference_url	https://access.redhat.com/errata/RHSA-2026:4152
reference_id	RHSA-2026:4152
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4152

reference_url	https://access.redhat.com/errata/RHSA-2026:4260
reference_id	RHSA-2026:4260
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4260

reference_url	https://access.redhat.com/errata/RHSA-2026:4432
reference_id	RHSA-2026:4432
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4432

reference_url	https://access.redhat.com/errata/RHSA-2026:4447
reference_id	RHSA-2026:4447
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4447

reference_url	https://access.redhat.com/errata/RHSA-2026:4629
reference_id	RHSA-2026:4629
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4629

reference_url	https://access.redhat.com/errata/RHSA-2026:5227
reference_id	RHSA-2026:5227
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5227

reference_url	https://access.redhat.com/errata/RHSA-2026:5228
reference_id	RHSA-2026:5228
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5228

reference_url	https://access.redhat.com/errata/RHSA-2026:5229
reference_id	RHSA-2026:5229
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5229

reference_url	https://access.redhat.com/errata/RHSA-2026:5230
reference_id	RHSA-2026:5230
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5230

reference_url	https://access.redhat.com/errata/RHSA-2026:5231
reference_id	RHSA-2026:5231
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5231

reference_url	https://access.redhat.com/errata/RHSA-2026:5319
reference_id	RHSA-2026:5319
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5319

reference_url	https://access.redhat.com/errata/RHSA-2026:5320
reference_id	RHSA-2026:5320
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5320

reference_url	https://access.redhat.com/errata/RHSA-2026:5323
reference_id	RHSA-2026:5323
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5323

reference_url	https://access.redhat.com/errata/RHSA-2026:5324
reference_id	RHSA-2026:5324
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5324

reference_url	https://access.redhat.com/errata/RHSA-2026:5326
reference_id	RHSA-2026:5326
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5326

reference_url	https://access.redhat.com/errata/RHSA-2026:8746
reference_id	RHSA-2026:8746
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8746

reference_url	https://access.redhat.com/errata/RHSA-2026:8747
reference_id	RHSA-2026:8747
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8747

reference_url	https://access.redhat.com/errata/RHSA-2026:8748
reference_id	RHSA-2026:8748
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8748

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=2014390

reference_id

show_bug.cgi?id=2014390

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-17T14:52:59Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=2014390

reference_url	https://usn.ubuntu.com/8053-1/
reference_id	USN-8053-1
reference_type
scores
url	https://usn.ubuntu.com/8053-1/

fixed_packages

url	pkg:deb/debian/libvpx@1.12.0-1%2Bdeb12u4
purl	pkg:deb/debian/libvpx@1.12.0-1%2Bdeb12u4
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.12.0-1%252Bdeb12u4

aliases CVE-2026-2447

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8vka-qus2-tbhj

url VCID-98mt-7srw-qfh4

vulnerability_id VCID-98mt-7srw-qfh4

summary A vulnerability has been discovered in libvpx, which could lead to execution of arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5283.json

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5283.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-5283

reference_id

reference_type

scores

value	0.00273
scoring_system	epss
scoring_elements	0.50764
published_at	2026-04-18T12:55:00Z

value	0.00273
scoring_system	epss
scoring_elements	0.50758
published_at	2026-04-16T12:55:00Z

value	0.00273
scoring_system	epss
scoring_elements	0.50733
published_at	2026-04-12T12:55:00Z

value	0.00273
scoring_system	epss
scoring_elements	0.50756
published_at	2026-04-11T12:55:00Z

value	0.00273
scoring_system	epss
scoring_elements	0.50681
published_at	2026-04-02T12:55:00Z

value	0.00273
scoring_system	epss
scoring_elements	0.50707
published_at	2026-04-04T12:55:00Z

value	0.00273
scoring_system	epss
scoring_elements	0.50718
published_at	2026-04-13T12:55:00Z

value	0.00273
scoring_system	epss
scoring_elements	0.50663
published_at	2026-04-07T12:55:00Z

value	0.00273
scoring_system	epss
scoring_elements	0.50714
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-5283

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5283
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5283

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1106689
reference_id	1106689
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1106689

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2368749
reference_id	2368749
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2368749

reference_url

https://issues.chromium.org/issues/419467315

reference_id

419467315

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-28T13:25:59Z/

url

https://issues.chromium.org/issues/419467315

reference_url	https://security.gentoo.org/glsa/202509-07
reference_id	GLSA-202509-07
reference_type
scores
url	https://security.gentoo.org/glsa/202509-07

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-42

reference_id

mfsa2025-42

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-42

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-43

reference_id

mfsa2025-43

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-43

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-44

reference_id

mfsa2025-44

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-44

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-45

reference_id

mfsa2025-45

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-45

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-46

reference_id

mfsa2025-46

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-46

reference_url	https://access.redhat.com/errata/RHSA-2025:8293
reference_id	RHSA-2025:8293
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8293

reference_url	https://access.redhat.com/errata/RHSA-2025:8308
reference_id	RHSA-2025:8308
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8308

reference_url	https://access.redhat.com/errata/RHSA-2025:8341
reference_id	RHSA-2025:8341
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8341

reference_url	https://access.redhat.com/errata/RHSA-2025:8598
reference_id	RHSA-2025:8598
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8598

reference_url	https://access.redhat.com/errata/RHSA-2025:8599
reference_id	RHSA-2025:8599
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8599

reference_url	https://access.redhat.com/errata/RHSA-2025:8607
reference_id	RHSA-2025:8607
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8607

reference_url	https://access.redhat.com/errata/RHSA-2025:8608
reference_id	RHSA-2025:8608
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8608

reference_url	https://access.redhat.com/errata/RHSA-2025:8628
reference_id	RHSA-2025:8628
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8628

reference_url	https://access.redhat.com/errata/RHSA-2025:8629
reference_id	RHSA-2025:8629
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8629

reference_url	https://access.redhat.com/errata/RHSA-2025:8630
reference_id	RHSA-2025:8630
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8630

reference_url	https://access.redhat.com/errata/RHSA-2025:8631
reference_id	RHSA-2025:8631
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8631

reference_url	https://access.redhat.com/errata/RHSA-2025:8642
reference_id	RHSA-2025:8642
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8642

reference_url	https://access.redhat.com/errata/RHSA-2025:8756
reference_id	RHSA-2025:8756
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8756

reference_url	https://access.redhat.com/errata/RHSA-2025:9071
reference_id	RHSA-2025:9071
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9071

reference_url	https://access.redhat.com/errata/RHSA-2025:9072
reference_id	RHSA-2025:9072
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9072

reference_url	https://access.redhat.com/errata/RHSA-2025:9073
reference_id	RHSA-2025:9073
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9073

reference_url	https://access.redhat.com/errata/RHSA-2025:9074
reference_id	RHSA-2025:9074
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9074

reference_url	https://access.redhat.com/errata/RHSA-2025:9075
reference_id	RHSA-2025:9075
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9075

reference_url	https://access.redhat.com/errata/RHSA-2025:9076
reference_id	RHSA-2025:9076
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9076

reference_url	https://access.redhat.com/errata/RHSA-2025:9077
reference_id	RHSA-2025:9077
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9077

reference_url	https://access.redhat.com/errata/RHSA-2025:9118
reference_id	RHSA-2025:9118
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9118

reference_url	https://access.redhat.com/errata/RHSA-2025:9119
reference_id	RHSA-2025:9119
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9119

reference_url	https://access.redhat.com/errata/RHSA-2025:9120
reference_id	RHSA-2025:9120
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9120

reference_url	https://access.redhat.com/errata/RHSA-2025:9122
reference_id	RHSA-2025:9122
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9122

reference_url	https://access.redhat.com/errata/RHSA-2025:9123
reference_id	RHSA-2025:9123
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9123

reference_url	https://access.redhat.com/errata/RHSA-2025:9124
reference_id	RHSA-2025:9124
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9124

reference_url	https://access.redhat.com/errata/RHSA-2025:9125
reference_id	RHSA-2025:9125
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9125

reference_url	https://access.redhat.com/errata/RHSA-2025:9126
reference_id	RHSA-2025:9126
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9126

reference_url	https://access.redhat.com/errata/RHSA-2025:9127
reference_id	RHSA-2025:9127
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9127

reference_url	https://access.redhat.com/errata/RHSA-2025:9128
reference_id	RHSA-2025:9128
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9128

reference_url	https://access.redhat.com/errata/RHSA-2025:9155
reference_id	RHSA-2025:9155
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9155

reference_url	https://access.redhat.com/errata/RHSA-2025:9331
reference_id	RHSA-2025:9331
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9331

reference_url

https://chromereleases.googleblog.com/2025/05/stable-channel-update-for-desktop_27.html

reference_id

stable-channel-update-for-desktop_27.html

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-28T13:25:59Z/

url

https://chromereleases.googleblog.com/2025/05/stable-channel-update-for-desktop_27.html

reference_url	https://usn.ubuntu.com/7551-1/
reference_id	USN-7551-1
reference_type
scores
url	https://usn.ubuntu.com/7551-1/

reference_url	https://usn.ubuntu.com/7991-1/
reference_id	USN-7991-1
reference_type
scores
url	https://usn.ubuntu.com/7991-1/

fixed_packages

url	pkg:deb/debian/libvpx@1.12.0-1%2Bdeb12u4
purl	pkg:deb/debian/libvpx@1.12.0-1%2Bdeb12u4
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.12.0-1%252Bdeb12u4

aliases CVE-2025-5283

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-98mt-7srw-qfh4

url VCID-djwx-su1m-57h4

vulnerability_id VCID-djwx-su1m-57h4

summary

Multiple vulnerabilities have been found in libvpx, the worst of
    which could result in the execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00049.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00049.html

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9433.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9433.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-9433

reference_id

reference_type

scores

value	0.08604
scoring_system	epss
scoring_elements	0.92385
published_at	2026-04-01T12:55:00Z

value	0.08604
scoring_system	epss
scoring_elements	0.92436
published_at	2026-04-18T12:55:00Z

value	0.08604
scoring_system	epss
scoring_elements	0.92419
published_at	2026-04-09T12:55:00Z

value	0.08604
scoring_system	epss
scoring_elements	0.92425
published_at	2026-04-13T12:55:00Z

value	0.08604
scoring_system	epss
scoring_elements	0.92427
published_at	2026-04-12T12:55:00Z

value	0.08604
scoring_system	epss
scoring_elements	0.92392
published_at	2026-04-02T12:55:00Z

value	0.08604
scoring_system	epss
scoring_elements	0.92399
published_at	2026-04-04T12:55:00Z

value	0.08604
scoring_system	epss
scoring_elements	0.92403
published_at	2026-04-07T12:55:00Z

value	0.08604
scoring_system	epss
scoring_elements	0.92415
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-9433

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9232
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9232

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9325
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9325

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9433
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9433

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2019/11/msg00030.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2019/11/msg00030.html

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DQSTK442ATWJOR4TU3MR6C3N5A6NDFFN/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DQSTK442ATWJOR4TU3MR6C3N5A6NDFFN/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U2IIA3RSYABBUCFIHXIRVUT5CTJVWWZ6/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U2IIA3RSYABBUCFIHXIRVUT5CTJVWWZ6/

reference_url	https://seclists.org/bugtraq/2019/Nov/43
reference_id
reference_type
scores
url	https://seclists.org/bugtraq/2019/Nov/43

reference_url	https://source.android.com/security/bulletin/android-10
reference_id
reference_type
scores
url	https://source.android.com/security/bulletin/android-10

reference_url	https://www.debian.org/security/2019/dsa-4578
reference_id
reference_type
scores
url	https://www.debian.org/security/2019/dsa-4578

reference_url	http://www.openwall.com/lists/oss-security/2019/10/25/17
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2019/10/25/17

reference_url	http://www.openwall.com/lists/oss-security/2019/10/27/1
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2019/10/27/1

reference_url	http://www.openwall.com/lists/oss-security/2019/11/07/1
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2019/11/07/1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1788994
reference_id	1788994
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1788994

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:19.04:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:10.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:30:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:31:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:10.0:::::::*
reference_id	cpe:2.3:o:google:android:10.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:10.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:15.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-9433

reference_id

CVE-2019-9433

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:N/A:N

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2019-9433

reference_url	https://security.gentoo.org/glsa/202003-59
reference_id	GLSA-202003-59
reference_type
scores
url	https://security.gentoo.org/glsa/202003-59

reference_url	https://access.redhat.com/errata/RHSA-2020:3876
reference_id	RHSA-2020:3876
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3876

reference_url	https://access.redhat.com/errata/RHSA-2020:4629
reference_id	RHSA-2020:4629
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4629

reference_url	https://usn.ubuntu.com/4199-1/
reference_id	USN-4199-1
reference_type
scores
url	https://usn.ubuntu.com/4199-1/

reference_url	https://usn.ubuntu.com/4199-2/
reference_id	USN-4199-2
reference_type
scores
url	https://usn.ubuntu.com/4199-2/

fixed_packages

url pkg:deb/debian/libvpx@1.6.1-3%2Bdeb9u2

purl pkg:deb/debian/libvpx@1.6.1-3%2Bdeb9u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-59n6-fj5x-33gn

vulnerability	VCID-7s5h-zrax-hkcv

vulnerability	VCID-8vka-qus2-tbhj

vulnerability	VCID-98mt-7srw-qfh4

vulnerability	VCID-djwx-su1m-57h4

vulnerability	VCID-f81v-9fv8-93cd

vulnerability	VCID-hhsp-7swr-qybd

vulnerability	VCID-kuxu-ty5p-8qbf

vulnerability	VCID-mcab-z6qn-gkds

vulnerability	VCID-txwy-bkhg-9qfv

vulnerability	VCID-ut2r-gvwc-4ydu

vulnerability	VCID-veqq-773w-1ba9

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.6.1-3%252Bdeb9u2

url pkg:deb/debian/libvpx@1.7.0-3%2Bdeb10u1

purl pkg:deb/debian/libvpx@1.7.0-3%2Bdeb10u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-59n6-fj5x-33gn

vulnerability	VCID-8vka-qus2-tbhj

vulnerability	VCID-98mt-7srw-qfh4

vulnerability	VCID-djwx-su1m-57h4

vulnerability	VCID-f81v-9fv8-93cd

vulnerability	VCID-kuxu-ty5p-8qbf

vulnerability	VCID-mcab-z6qn-gkds

vulnerability	VCID-txwy-bkhg-9qfv

vulnerability	VCID-ut2r-gvwc-4ydu

vulnerability	VCID-veqq-773w-1ba9

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.7.0-3%252Bdeb10u1

url pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3

purl pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8vka-qus2-tbhj

vulnerability	VCID-98mt-7srw-qfh4

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.9.0-1%252Bdeb11u3

aliases CVE-2019-9433

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-djwx-su1m-57h4

url VCID-f81v-9fv8-93cd

vulnerability_id VCID-f81v-9fv8-93cd

summary

Out-of-bounds Write
Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5217.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5217.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-5217

reference_id

reference_type

scores

value	0.03573
scoring_system	epss
scoring_elements	0.87744
published_at	2026-04-18T12:55:00Z

value	0.03573
scoring_system	epss
scoring_elements	0.87722
published_at	2026-04-08T12:55:00Z

value	0.03573
scoring_system	epss
scoring_elements	0.87728
published_at	2026-04-09T12:55:00Z

value	0.03573
scoring_system	epss
scoring_elements	0.8774
published_at	2026-04-11T12:55:00Z

value	0.03573
scoring_system	epss
scoring_elements	0.87733
published_at	2026-04-12T12:55:00Z

value	0.03573
scoring_system	epss
scoring_elements	0.87731
published_at	2026-04-13T12:55:00Z

value	0.03573
scoring_system	epss
scoring_elements	0.87745
published_at	2026-04-16T12:55:00Z

value	0.049
scoring_system	epss
scoring_elements	0.89562
published_at	2026-04-02T12:55:00Z

value	0.049
scoring_system	epss
scoring_elements	0.89576
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-5217

reference_url

https://arstechnica.com/security/2023/09/new-0-day-in-chrome-and-firefox-is-likely-to-plague-other-software

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://arstechnica.com/security/2023/09/new-0-day-in-chrome-and-firefox-is-likely-to-plague-other-software

reference_url

https://arstechnica.com/security/2023/09/new-0-day-in-chrome-and-firefox-is-likely-to-plague-other-software/

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

https://arstechnica.com/security/2023/09/new-0-day-in-chrome-and-firefox-is-likely-to-plague-other-software/

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2241191

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2241191

reference_url

https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_27.html

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_27.html

reference_url

https://crbug.com/1486441

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

https://crbug.com/1486441

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5169
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5169

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5171
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5171

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5176
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5176

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5186
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5186

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5187
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5187

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5217
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5217

reference_url

http://seclists.org/fulldisclosure/2023/Oct/12

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

http://seclists.org/fulldisclosure/2023/Oct/12

reference_url

http://seclists.org/fulldisclosure/2023/Oct/16

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

http://seclists.org/fulldisclosure/2023/Oct/16

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/electron/electron

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/electron/electron

reference_url

https://github.com/electron/electron/pull/40022

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/electron/electron/pull/40022

reference_url

https://github.com/electron/electron/pull/40023

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/electron/electron/pull/40023

reference_url

https://github.com/electron/electron/pull/40024

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/electron/electron/pull/40024

reference_url

https://github.com/electron/electron/pull/40025

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/electron/electron/pull/40025

reference_url

https://github.com/electron/electron/pull/40026

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/electron/electron/pull/40026

reference_url

https://github.com/electron/electron/releases/tag/v22.3.25

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/electron/electron/releases/tag/v22.3.25

reference_url

https://github.com/electron/electron/releases/tag/v24.8.5

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/electron/electron/releases/tag/v24.8.5

reference_url

https://github.com/electron/electron/releases/tag/v25.8.4

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/electron/electron/releases/tag/v25.8.4

reference_url

https://github.com/electron/electron/releases/tag/v26.2.4

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/electron/electron/releases/tag/v26.2.4

reference_url

https://github.com/electron/electron/releases/tag/v27.0.0-beta.8

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/electron/electron/releases/tag/v27.0.0-beta.8

reference_url

https://github.com/webmproject/libvpx/commit/3fbd1dca6a4d2dad332a2110d646e4ffef36d590

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

https://github.com/webmproject/libvpx/commit/3fbd1dca6a4d2dad332a2110d646e4ffef36d590

reference_url

https://github.com/webmproject/libvpx/commit/af6dedd715f4307669366944cca6e0417b290282

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

https://github.com/webmproject/libvpx/commit/af6dedd715f4307669366944cca6e0417b290282

reference_url

https://github.com/webmproject/libvpx/releases/tag/v1.13.1

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

https://github.com/webmproject/libvpx/releases/tag/v1.13.1

reference_url

https://github.com/webmproject/libvpx/tags

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

https://github.com/webmproject/libvpx/tags

reference_url

https://lists.debian.org/debian-lts-announce/2023/09/msg00038.html

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

https://lists.debian.org/debian-lts-announce/2023/09/msg00038.html

reference_url

https://lists.debian.org/debian-lts-announce/2023/10/msg00001.html

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

https://lists.debian.org/debian-lts-announce/2023/10/msg00001.html

reference_url

https://lists.debian.org/debian-lts-announce/2023/10/msg00015.html

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

https://lists.debian.org/debian-lts-announce/2023/10/msg00015.html

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MFWDFJSSIFKWKNOCTQCFUNZWAXUCSS4

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MFWDFJSSIFKWKNOCTQCFUNZWAXUCSS4

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MFWDFJSSIFKWKNOCTQCFUNZWAXUCSS4/

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MFWDFJSSIFKWKNOCTQCFUNZWAXUCSS4/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/55YVCZNAVY3Y5E4DWPWMX2SPKZ2E5SOV

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/55YVCZNAVY3Y5E4DWPWMX2SPKZ2E5SOV

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/55YVCZNAVY3Y5E4DWPWMX2SPKZ2E5SOV/

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/55YVCZNAVY3Y5E4DWPWMX2SPKZ2E5SOV/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AY642Z6JZODQJE7Z62CFREVUHEGCXGPD

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AY642Z6JZODQJE7Z62CFREVUHEGCXGPD

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BCVSHVX2RFBU3RMCUFSATVQEJUFD4Q63

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BCVSHVX2RFBU3RMCUFSATVQEJUFD4Q63

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BCVSHVX2RFBU3RMCUFSATVQEJUFD4Q63/

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BCVSHVX2RFBU3RMCUFSATVQEJUFD4Q63/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWEJYS5NC7KVFYU3OAMPKQDYN6JQGVK6

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWEJYS5NC7KVFYU3OAMPKQDYN6JQGVK6

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWEJYS5NC7KVFYU3OAMPKQDYN6JQGVK6/

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWEJYS5NC7KVFYU3OAMPKQDYN6JQGVK6/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TE7F54W5O5RS4ZMAAC7YK3CZWQXIDSKB

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TE7F54W5O5RS4ZMAAC7YK3CZWQXIDSKB

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTRUIS3564P7ZLM2S2IH4Y4KZ327LI4I

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTRUIS3564P7ZLM2S2IH4Y4KZ327LI4I

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTRUIS3564P7ZLM2S2IH4Y4KZ327LI4I/

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTRUIS3564P7ZLM2S2IH4Y4KZ327LI4I/

reference_url

https://pastebin.com/TdkC4pDv

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

https://pastebin.com/TdkC4pDv

reference_url

https://security.gentoo.org/glsa/202310-04

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

https://security.gentoo.org/glsa/202310-04

reference_url

https://security.gentoo.org/glsa/202401-34

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

https://security.gentoo.org/glsa/202401-34

reference_url

https://stackdiary.com/google-discloses-a-webm-vp8-bug-tracked-as-cve-2023-5217

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://stackdiary.com/google-discloses-a-webm-vp8-bug-tracked-as-cve-2023-5217

reference_url

https://stackdiary.com/google-discloses-a-webm-vp8-bug-tracked-as-cve-2023-5217/

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

https://stackdiary.com/google-discloses-a-webm-vp8-bug-tracked-as-cve-2023-5217/

reference_url

https://support.apple.com/kb/HT213961

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

https://support.apple.com/kb/HT213961

reference_url

https://support.apple.com/kb/HT213972

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

https://support.apple.com/kb/HT213972

reference_url

https://twitter.com/maddiestone/status/1707163313711497266

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

https://twitter.com/maddiestone/status/1707163313711497266

reference_url

https://www.debian.org/security/2023/dsa-5508

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

https://www.debian.org/security/2023/dsa-5508

reference_url

https://www.debian.org/security/2023/dsa-5509

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

https://www.debian.org/security/2023/dsa-5509

reference_url

https://www.debian.org/security/2023/dsa-5510

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

https://www.debian.org/security/2023/dsa-5510

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-44

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	critical
scoring_system	generic_textual
scoring_elements

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-44

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-44/

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-44/

reference_url

https://www.openwall.com/lists/oss-security/2023/09/28/5

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

https://www.openwall.com/lists/oss-security/2023/09/28/5

reference_url

http://www.openwall.com/lists/oss-security/2023/09/28/5

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

http://www.openwall.com/lists/oss-security/2023/09/28/5

reference_url

http://www.openwall.com/lists/oss-security/2023/09/28/6

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

http://www.openwall.com/lists/oss-security/2023/09/28/6

reference_url

http://www.openwall.com/lists/oss-security/2023/09/29/1

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

http://www.openwall.com/lists/oss-security/2023/09/29/1

reference_url

http://www.openwall.com/lists/oss-security/2023/09/29/11

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

http://www.openwall.com/lists/oss-security/2023/09/29/11

reference_url

http://www.openwall.com/lists/oss-security/2023/09/29/12

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

http://www.openwall.com/lists/oss-security/2023/09/29/12

reference_url

http://www.openwall.com/lists/oss-security/2023/09/29/14

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

http://www.openwall.com/lists/oss-security/2023/09/29/14

reference_url

http://www.openwall.com/lists/oss-security/2023/09/29/2

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

http://www.openwall.com/lists/oss-security/2023/09/29/2

reference_url

http://www.openwall.com/lists/oss-security/2023/09/29/7

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

http://www.openwall.com/lists/oss-security/2023/09/29/7

reference_url

http://www.openwall.com/lists/oss-security/2023/09/29/9

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

http://www.openwall.com/lists/oss-security/2023/09/29/9

reference_url

http://www.openwall.com/lists/oss-security/2023/09/30/1

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

http://www.openwall.com/lists/oss-security/2023/09/30/1

reference_url

http://www.openwall.com/lists/oss-security/2023/09/30/2

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

http://www.openwall.com/lists/oss-security/2023/09/30/2

reference_url

http://www.openwall.com/lists/oss-security/2023/09/30/3

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

http://www.openwall.com/lists/oss-security/2023/09/30/3

reference_url

http://www.openwall.com/lists/oss-security/2023/09/30/4

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

http://www.openwall.com/lists/oss-security/2023/09/30/4

reference_url

http://www.openwall.com/lists/oss-security/2023/09/30/5

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

http://www.openwall.com/lists/oss-security/2023/09/30/5

reference_url

http://www.openwall.com/lists/oss-security/2023/10/01/1

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

http://www.openwall.com/lists/oss-security/2023/10/01/1

reference_url

http://www.openwall.com/lists/oss-security/2023/10/01/2

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

http://www.openwall.com/lists/oss-security/2023/10/01/2

reference_url

http://www.openwall.com/lists/oss-security/2023/10/01/5

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

http://www.openwall.com/lists/oss-security/2023/10/01/5

reference_url

http://www.openwall.com/lists/oss-security/2023/10/02/6

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

http://www.openwall.com/lists/oss-security/2023/10/02/6

reference_url

http://www.openwall.com/lists/oss-security/2023/10/03/11

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

http://www.openwall.com/lists/oss-security/2023/10/03/11

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053182
reference_id	1053182
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053182

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AY642Z6JZODQJE7Z62CFREVUHEGCXGPD/

reference_id

AY642Z6JZODQJE7Z62CFREVUHEGCXGPD

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AY642Z6JZODQJE7Z62CFREVUHEGCXGPD/

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2023-5217

reference_id

CVE-2023-5217

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2023-5217

reference_url

https://security-tracker.debian.org/tracker/CVE-2023-5217

reference_id

CVE-2023-5217

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

https://security-tracker.debian.org/tracker/CVE-2023-5217

reference_url

https://github.com/advisories/GHSA-qqvq-6xgj-jw8g

reference_id

GHSA-qqvq-6xgj-jw8g

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-qqvq-6xgj-jw8g

reference_url	https://access.redhat.com/errata/RHSA-2023:5426
reference_id	RHSA-2023:5426
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5426

reference_url	https://access.redhat.com/errata/RHSA-2023:5427
reference_id	RHSA-2023:5427
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5427

reference_url	https://access.redhat.com/errata/RHSA-2023:5428
reference_id	RHSA-2023:5428
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5428

reference_url	https://access.redhat.com/errata/RHSA-2023:5429
reference_id	RHSA-2023:5429
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5429

reference_url	https://access.redhat.com/errata/RHSA-2023:5430
reference_id	RHSA-2023:5430
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5430

reference_url	https://access.redhat.com/errata/RHSA-2023:5432
reference_id	RHSA-2023:5432
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5432

reference_url	https://access.redhat.com/errata/RHSA-2023:5433
reference_id	RHSA-2023:5433
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5433

reference_url	https://access.redhat.com/errata/RHSA-2023:5434
reference_id	RHSA-2023:5434
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5434

reference_url	https://access.redhat.com/errata/RHSA-2023:5435
reference_id	RHSA-2023:5435
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5435

reference_url	https://access.redhat.com/errata/RHSA-2023:5436
reference_id	RHSA-2023:5436
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5436

reference_url	https://access.redhat.com/errata/RHSA-2023:5437
reference_id	RHSA-2023:5437
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5437

reference_url	https://access.redhat.com/errata/RHSA-2023:5438
reference_id	RHSA-2023:5438
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5438

reference_url	https://access.redhat.com/errata/RHSA-2023:5439
reference_id	RHSA-2023:5439
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5439

reference_url	https://access.redhat.com/errata/RHSA-2023:5440
reference_id	RHSA-2023:5440
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5440

reference_url	https://access.redhat.com/errata/RHSA-2023:5475
reference_id	RHSA-2023:5475
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5475

reference_url	https://access.redhat.com/errata/RHSA-2023:5477
reference_id	RHSA-2023:5477
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5477

100

reference_url	https://access.redhat.com/errata/RHSA-2023:5534
reference_id	RHSA-2023:5534
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5534

101

reference_url	https://access.redhat.com/errata/RHSA-2023:5535
reference_id	RHSA-2023:5535
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5535

102

reference_url	https://access.redhat.com/errata/RHSA-2023:5536
reference_id	RHSA-2023:5536
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5536

103

reference_url	https://access.redhat.com/errata/RHSA-2023:5537
reference_id	RHSA-2023:5537
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5537

104

reference_url	https://access.redhat.com/errata/RHSA-2023:5538
reference_id	RHSA-2023:5538
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5538

105

reference_url	https://access.redhat.com/errata/RHSA-2023:5539
reference_id	RHSA-2023:5539
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5539

106

reference_url	https://access.redhat.com/errata/RHSA-2023:5540
reference_id	RHSA-2023:5540
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5540

107

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TE7F54W5O5RS4ZMAAC7YK3CZWQXIDSKB/

reference_id

TE7F54W5O5RS4ZMAAC7YK3CZWQXIDSKB

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TE7F54W5O5RS4ZMAAC7YK3CZWQXIDSKB/

108

reference_url	https://usn.ubuntu.com/6403-1/
reference_id	USN-6403-1
reference_type
scores
url	https://usn.ubuntu.com/6403-1/

109

reference_url	https://usn.ubuntu.com/6403-2/
reference_id	USN-6403-2
reference_type
scores
url	https://usn.ubuntu.com/6403-2/

110

reference_url	https://usn.ubuntu.com/6403-3/
reference_id	USN-6403-3
reference_type
scores
url	https://usn.ubuntu.com/6403-3/

111

reference_url	https://usn.ubuntu.com/6404-1/
reference_id	USN-6404-1
reference_type
scores
url	https://usn.ubuntu.com/6404-1/

112

reference_url	https://usn.ubuntu.com/6405-1/
reference_id	USN-6405-1
reference_type
scores
url	https://usn.ubuntu.com/6405-1/

113

reference_url	https://usn.ubuntu.com/7172-1/
reference_id	USN-7172-1
reference_type
scores
url	https://usn.ubuntu.com/7172-1/

fixed_packages

url pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3

purl pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8vka-qus2-tbhj

vulnerability	VCID-98mt-7srw-qfh4

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.9.0-1%252Bdeb11u3

aliases CVE-2023-5217, GHSA-qqvq-6xgj-jw8g

risk_score 10.0

exploitability 2.0

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-f81v-9fv8-93cd

url VCID-hhsp-7swr-qybd

vulnerability_id VCID-hhsp-7swr-qybd

summary security update

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13194.json

reference_id

reference_type

scores

value	3.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13194.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-13194

reference_id

reference_type

scores

value	0.01253
scoring_system	epss
scoring_elements	0.79307
published_at	2026-04-01T12:55:00Z

value	0.01253
scoring_system	epss
scoring_elements	0.79314
published_at	2026-04-02T12:55:00Z

value	0.01253
scoring_system	epss
scoring_elements	0.79337
published_at	2026-04-04T12:55:00Z

value	0.01253
scoring_system	epss
scoring_elements	0.79323
published_at	2026-04-07T12:55:00Z

value	0.01253
scoring_system	epss
scoring_elements	0.79349
published_at	2026-04-08T12:55:00Z

value	0.01253
scoring_system	epss
scoring_elements	0.79358
published_at	2026-04-09T12:55:00Z

value	0.01253
scoring_system	epss
scoring_elements	0.79381
published_at	2026-04-11T12:55:00Z

value	0.01253
scoring_system	epss
scoring_elements	0.79366
published_at	2026-04-12T12:55:00Z

value	0.01253
scoring_system	epss
scoring_elements	0.79356
published_at	2026-04-13T12:55:00Z

value	0.01253
scoring_system	epss
scoring_elements	0.79382
published_at	2026-04-16T12:55:00Z

value	0.01253
scoring_system	epss
scoring_elements	0.79378
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-13194

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13194
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13194

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.6
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1535183
reference_id	1535183
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1535183

reference_url	https://usn.ubuntu.com/4199-1/
reference_id	USN-4199-1
reference_type
scores
url	https://usn.ubuntu.com/4199-1/

reference_url	https://usn.ubuntu.com/4199-2/
reference_id	USN-4199-2
reference_type
scores
url	https://usn.ubuntu.com/4199-2/

fixed_packages

url pkg:deb/debian/libvpx@1.6.1-3%2Bdeb9u2

purl pkg:deb/debian/libvpx@1.6.1-3%2Bdeb9u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-59n6-fj5x-33gn

vulnerability	VCID-7s5h-zrax-hkcv

vulnerability	VCID-8vka-qus2-tbhj

vulnerability	VCID-98mt-7srw-qfh4

vulnerability	VCID-djwx-su1m-57h4

vulnerability	VCID-f81v-9fv8-93cd

vulnerability	VCID-hhsp-7swr-qybd

vulnerability	VCID-kuxu-ty5p-8qbf

vulnerability	VCID-mcab-z6qn-gkds

vulnerability	VCID-txwy-bkhg-9qfv

vulnerability	VCID-ut2r-gvwc-4ydu

vulnerability	VCID-veqq-773w-1ba9

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.6.1-3%252Bdeb9u2

url pkg:deb/debian/libvpx@1.7.0-3%2Bdeb10u1

purl pkg:deb/debian/libvpx@1.7.0-3%2Bdeb10u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-59n6-fj5x-33gn

vulnerability	VCID-8vka-qus2-tbhj

vulnerability	VCID-98mt-7srw-qfh4

vulnerability	VCID-djwx-su1m-57h4

vulnerability	VCID-f81v-9fv8-93cd

vulnerability	VCID-kuxu-ty5p-8qbf

vulnerability	VCID-mcab-z6qn-gkds

vulnerability	VCID-txwy-bkhg-9qfv

vulnerability	VCID-ut2r-gvwc-4ydu

vulnerability	VCID-veqq-773w-1ba9

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.7.0-3%252Bdeb10u1

aliases CVE-2017-13194

risk_score 1.6

exploitability 0.5

weighted_severity 3.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hhsp-7swr-qybd

url VCID-kuxu-ty5p-8qbf

vulnerability_id VCID-kuxu-ty5p-8qbf

summary libvpx: Heap buffer overflow related to VP9 encoding

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6349.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6349.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-6349

reference_id

reference_type

scores

value	0.00078
scoring_system	epss
scoring_elements	0.23348
published_at	2026-04-02T12:55:00Z

value	0.00078
scoring_system	epss
scoring_elements	0.23235
published_at	2026-04-18T12:55:00Z

value	0.00078
scoring_system	epss
scoring_elements	0.23283
published_at	2026-04-12T12:55:00Z

value	0.00078
scoring_system	epss
scoring_elements	0.23226
published_at	2026-04-13T12:55:00Z

value	0.00078
scoring_system	epss
scoring_elements	0.23242
published_at	2026-04-16T12:55:00Z

value	0.00078
scoring_system	epss
scoring_elements	0.23388
published_at	2026-04-04T12:55:00Z

value	0.00078
scoring_system	epss
scoring_elements	0.23176
published_at	2026-04-07T12:55:00Z

value	0.00078
scoring_system	epss
scoring_elements	0.2325
published_at	2026-04-08T12:55:00Z

value	0.00078
scoring_system	epss
scoring_elements	0.233
published_at	2026-04-09T12:55:00Z

value	0.00078
scoring_system	epss
scoring_elements	0.23321
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-6349

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6349
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6349

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://crbug.com/webm/1642

reference_id

1642

reference_type

scores

value	5.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:P/VC:L/VI:H/VA:N/SC:L/SI:H/SA:N/S:N/AU:N/R:A/V:D

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-28T15:01:21Z/

url

https://crbug.com/webm/1642

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2283553
reference_id	2283553
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2283553

reference_url	https://access.redhat.com/errata/RHSA-2024:5941
reference_id	RHSA-2024:5941
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:5941

reference_url	https://access.redhat.com/errata/RHSA-2026:4128
reference_id	RHSA-2026:4128
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4128

fixed_packages

url pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3

purl pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8vka-qus2-tbhj

vulnerability	VCID-98mt-7srw-qfh4

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.9.0-1%252Bdeb11u3

aliases CVE-2023-6349

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kuxu-ty5p-8qbf

url VCID-mcab-z6qn-gkds

vulnerability_id VCID-mcab-z6qn-gkds

summary Multiple vulnerabilities have been discovered in libvpx, the worst of which could result in arbitrary code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-44488.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-44488.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-44488

reference_id

reference_type

scores

value	0.01446
scoring_system	epss
scoring_elements	0.80783
published_at	2026-04-18T12:55:00Z

value	0.01446
scoring_system	epss
scoring_elements	0.80744
published_at	2026-04-08T12:55:00Z

value	0.01446
scoring_system	epss
scoring_elements	0.80752
published_at	2026-04-09T12:55:00Z

value	0.01446
scoring_system	epss
scoring_elements	0.80769
published_at	2026-04-11T12:55:00Z

value	0.01446
scoring_system	epss
scoring_elements	0.80753
published_at	2026-04-12T12:55:00Z

value	0.01446
scoring_system	epss
scoring_elements	0.80745
published_at	2026-04-13T12:55:00Z

value	0.01446
scoring_system	epss
scoring_elements	0.80782
published_at	2026-04-16T12:55:00Z

value	0.01486
scoring_system	epss
scoring_elements	0.80999
published_at	2026-04-04T12:55:00Z

value	0.01486
scoring_system	epss
scoring_elements	0.80975
published_at	2026-04-02T12:55:00Z

value	0.01486
scoring_system	epss
scoring_elements	0.80997
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-44488

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44488
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44488

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2241806

reference_id

2241806

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-23T16:14:51Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2241806

reference_url

https://github.com/webmproject/libvpx/commit/263682c9a29395055f3b3afe2d97be1828a6223f

reference_id

263682c9a29395055f3b3afe2d97be1828a6223f

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-23T16:14:51Z/

url

https://github.com/webmproject/libvpx/commit/263682c9a29395055f3b3afe2d97be1828a6223f

reference_url

https://github.com/webmproject/libvpx/commit/df9fd9d5b7325060b2b921558a1eb20ca7880937

reference_id

df9fd9d5b7325060b2b921558a1eb20ca7880937

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-23T16:14:51Z/

url

https://github.com/webmproject/libvpx/commit/df9fd9d5b7325060b2b921558a1eb20ca7880937

reference_url

https://www.debian.org/security/2023/dsa-5518

reference_id

dsa-5518

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-23T16:14:51Z/

url

https://www.debian.org/security/2023/dsa-5518

reference_url	https://access.redhat.com/errata/RHSA-2023:5534
reference_id	RHSA-2023:5534
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5534

reference_url	https://access.redhat.com/errata/RHSA-2023:5535
reference_id	RHSA-2023:5535
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5535

reference_url	https://access.redhat.com/errata/RHSA-2023:5536
reference_id	RHSA-2023:5536
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5536

reference_url	https://access.redhat.com/errata/RHSA-2023:5537
reference_id	RHSA-2023:5537
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5537

reference_url	https://access.redhat.com/errata/RHSA-2023:5538
reference_id	RHSA-2023:5538
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5538

reference_url	https://access.redhat.com/errata/RHSA-2023:5539
reference_id	RHSA-2023:5539
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5539

reference_url	https://access.redhat.com/errata/RHSA-2023:5540
reference_id	RHSA-2023:5540
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5540

reference_url	https://access.redhat.com/errata/RHSA-2023:6162
reference_id	RHSA-2023:6162
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6162

reference_url	https://access.redhat.com/errata/RHSA-2023:6185
reference_id	RHSA-2023:6185
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6185

reference_url	https://access.redhat.com/errata/RHSA-2023:6186
reference_id	RHSA-2023:6186
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6186

reference_url	https://access.redhat.com/errata/RHSA-2023:6187
reference_id	RHSA-2023:6187
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6187

reference_url	https://access.redhat.com/errata/RHSA-2023:6188
reference_id	RHSA-2023:6188
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6188

reference_url	https://access.redhat.com/errata/RHSA-2023:6189
reference_id	RHSA-2023:6189
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6189

reference_url	https://access.redhat.com/errata/RHSA-2023:6190
reference_id	RHSA-2023:6190
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6190

reference_url	https://access.redhat.com/errata/RHSA-2023:6191
reference_id	RHSA-2023:6191
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6191

reference_url	https://access.redhat.com/errata/RHSA-2023:6192
reference_id	RHSA-2023:6192
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6192

reference_url	https://access.redhat.com/errata/RHSA-2023:6194
reference_id	RHSA-2023:6194
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6194

reference_url	https://access.redhat.com/errata/RHSA-2023:6195
reference_id	RHSA-2023:6195
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6195

reference_url	https://access.redhat.com/errata/RHSA-2023:6196
reference_id	RHSA-2023:6196
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6196

reference_url	https://access.redhat.com/errata/RHSA-2023:6197
reference_id	RHSA-2023:6197
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6197

reference_url	https://access.redhat.com/errata/RHSA-2023:6198
reference_id	RHSA-2023:6198
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6198

reference_url	https://access.redhat.com/errata/RHSA-2023:6199
reference_id	RHSA-2023:6199
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6199

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TE7F54W5O5RS4ZMAAC7YK3CZWQXIDSKB/

reference_id

TE7F54W5O5RS4ZMAAC7YK3CZWQXIDSKB

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-23T16:14:51Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TE7F54W5O5RS4ZMAAC7YK3CZWQXIDSKB/

reference_url	https://usn.ubuntu.com/6403-1/
reference_id	USN-6403-1
reference_type
scores
url	https://usn.ubuntu.com/6403-1/

reference_url	https://usn.ubuntu.com/6403-2/
reference_id	USN-6403-2
reference_type
scores
url	https://usn.ubuntu.com/6403-2/

reference_url	https://usn.ubuntu.com/6403-3/
reference_id	USN-6403-3
reference_type
scores
url	https://usn.ubuntu.com/6403-3/

reference_url

https://github.com/webmproject/libvpx/compare/v1.13.0...v1.13.1

reference_id

v1.13.0...v1.13.1

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-23T16:14:51Z/

url

https://github.com/webmproject/libvpx/compare/v1.13.0...v1.13.1

fixed_packages

url pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3

purl pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8vka-qus2-tbhj

vulnerability	VCID-98mt-7srw-qfh4

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.9.0-1%252Bdeb11u3

aliases CVE-2023-44488

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mcab-z6qn-gkds

url VCID-txwy-bkhg-9qfv

vulnerability_id VCID-txwy-bkhg-9qfv

summary

Multiple vulnerabilities have been found in libvpx, the worst of
    which could result in the execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00049.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00049.html

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9325.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9325.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-9325

reference_id

reference_type

scores

value	0.0889
scoring_system	epss
scoring_elements	0.92528
published_at	2026-04-01T12:55:00Z

value	0.0889
scoring_system	epss
scoring_elements	0.92576
published_at	2026-04-18T12:55:00Z

value	0.0889
scoring_system	epss
scoring_elements	0.92559
published_at	2026-04-09T12:55:00Z

value	0.0889
scoring_system	epss
scoring_elements	0.92565
published_at	2026-04-13T12:55:00Z

value	0.0889
scoring_system	epss
scoring_elements	0.92566
published_at	2026-04-12T12:55:00Z

value	0.0889
scoring_system	epss
scoring_elements	0.92533
published_at	2026-04-02T12:55:00Z

value	0.0889
scoring_system	epss
scoring_elements	0.9254
published_at	2026-04-04T12:55:00Z

value	0.0889
scoring_system	epss
scoring_elements	0.92543
published_at	2026-04-07T12:55:00Z

value	0.0889
scoring_system	epss
scoring_elements	0.92554
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-9325

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9232
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9232

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9325
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9325

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9433
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9433

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DQSTK442ATWJOR4TU3MR6C3N5A6NDFFN/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DQSTK442ATWJOR4TU3MR6C3N5A6NDFFN/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U2IIA3RSYABBUCFIHXIRVUT5CTJVWWZ6/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U2IIA3RSYABBUCFIHXIRVUT5CTJVWWZ6/

reference_url	https://seclists.org/bugtraq/2019/Nov/43
reference_id
reference_type
scores
url	https://seclists.org/bugtraq/2019/Nov/43

reference_url	https://source.android.com/security/bulletin/android-10
reference_id
reference_type
scores
url	https://source.android.com/security/bulletin/android-10

reference_url	https://www.debian.org/security/2019/dsa-4578
reference_id
reference_type
scores
url	https://www.debian.org/security/2019/dsa-4578

reference_url	http://www.openwall.com/lists/oss-security/2019/10/25/17
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2019/10/25/17

reference_url	http://www.openwall.com/lists/oss-security/2019/10/27/1
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2019/10/27/1

reference_url	http://www.openwall.com/lists/oss-security/2019/11/07/1
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2019/11/07/1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1789002
reference_id	1789002
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1789002

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:19.04:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:10.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:30:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:31:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:10.0:::::::*
reference_id	cpe:2.3:o:google:android:10.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:10.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:15.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-9325

reference_id

CVE-2019-9325

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:N/A:N

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2019-9325

reference_url	https://security.gentoo.org/glsa/202003-59
reference_id	GLSA-202003-59
reference_type
scores
url	https://security.gentoo.org/glsa/202003-59

reference_url	https://usn.ubuntu.com/4199-1/
reference_id	USN-4199-1
reference_type
scores
url	https://usn.ubuntu.com/4199-1/

fixed_packages

url pkg:deb/debian/libvpx@1.6.1-3%2Bdeb9u2

purl pkg:deb/debian/libvpx@1.6.1-3%2Bdeb9u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-59n6-fj5x-33gn

vulnerability	VCID-7s5h-zrax-hkcv

vulnerability	VCID-8vka-qus2-tbhj

vulnerability	VCID-98mt-7srw-qfh4

vulnerability	VCID-djwx-su1m-57h4

vulnerability	VCID-f81v-9fv8-93cd

vulnerability	VCID-hhsp-7swr-qybd

vulnerability	VCID-kuxu-ty5p-8qbf

vulnerability	VCID-mcab-z6qn-gkds

vulnerability	VCID-txwy-bkhg-9qfv

vulnerability	VCID-ut2r-gvwc-4ydu

vulnerability	VCID-veqq-773w-1ba9

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.6.1-3%252Bdeb9u2

url pkg:deb/debian/libvpx@1.7.0-3%2Bdeb10u1

purl pkg:deb/debian/libvpx@1.7.0-3%2Bdeb10u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-59n6-fj5x-33gn

vulnerability	VCID-8vka-qus2-tbhj

vulnerability	VCID-98mt-7srw-qfh4

vulnerability	VCID-djwx-su1m-57h4

vulnerability	VCID-f81v-9fv8-93cd

vulnerability	VCID-kuxu-ty5p-8qbf

vulnerability	VCID-mcab-z6qn-gkds

vulnerability	VCID-txwy-bkhg-9qfv

vulnerability	VCID-ut2r-gvwc-4ydu

vulnerability	VCID-veqq-773w-1ba9

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.7.0-3%252Bdeb10u1

url pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3

purl pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8vka-qus2-tbhj

vulnerability	VCID-98mt-7srw-qfh4

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.9.0-1%252Bdeb11u3

aliases CVE-2019-9325

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-txwy-bkhg-9qfv

url VCID-ut2r-gvwc-4ydu

vulnerability_id VCID-ut2r-gvwc-4ydu

summary

Multiple vulnerabilities have been found in libvpx, the worst of
    which could result in the execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00049.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00049.html

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9371.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9371.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-9371

reference_id

reference_type

scores

value	0.17758
scoring_system	epss
scoring_elements	0.95088
published_at	2026-04-01T12:55:00Z

value	0.17758
scoring_system	epss
scoring_elements	0.95134
published_at	2026-04-18T12:55:00Z

value	0.17758
scoring_system	epss
scoring_elements	0.9512
published_at	2026-04-12T12:55:00Z

value	0.17758
scoring_system	epss
scoring_elements	0.95123
published_at	2026-04-13T12:55:00Z

value	0.17758
scoring_system	epss
scoring_elements	0.9513
published_at	2026-04-16T12:55:00Z

value	0.17758
scoring_system	epss
scoring_elements	0.95099
published_at	2026-04-02T12:55:00Z

value	0.17758
scoring_system	epss
scoring_elements	0.951
published_at	2026-04-04T12:55:00Z

value	0.17758
scoring_system	epss
scoring_elements	0.95102
published_at	2026-04-07T12:55:00Z

value	0.17758
scoring_system	epss
scoring_elements	0.95109
published_at	2026-04-08T12:55:00Z

value	0.17758
scoring_system	epss
scoring_elements	0.95112
published_at	2026-04-09T12:55:00Z

value	0.17758
scoring_system	epss
scoring_elements	0.95118
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-9371

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9371
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9371

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DQSTK442ATWJOR4TU3MR6C3N5A6NDFFN/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DQSTK442ATWJOR4TU3MR6C3N5A6NDFFN/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U2IIA3RSYABBUCFIHXIRVUT5CTJVWWZ6/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U2IIA3RSYABBUCFIHXIRVUT5CTJVWWZ6/

reference_url	https://seclists.org/bugtraq/2019/Nov/43
reference_id
reference_type
scores
url	https://seclists.org/bugtraq/2019/Nov/43

reference_url	https://source.android.com/security/bulletin/android-10
reference_id
reference_type
scores
url	https://source.android.com/security/bulletin/android-10

reference_url	https://www.debian.org/security/2019/dsa-4578
reference_id
reference_type
scores
url	https://www.debian.org/security/2019/dsa-4578

reference_url	http://www.openwall.com/lists/oss-security/2019/10/25/17
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2019/10/25/17

reference_url	http://www.openwall.com/lists/oss-security/2019/10/27/1
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2019/10/27/1

reference_url	http://www.openwall.com/lists/oss-security/2019/11/07/1
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2019/11/07/1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1789004
reference_id	1789004
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1789004

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:19.04:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:10.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:30:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:31:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:10.0:::::::*
reference_id	cpe:2.3:o:google:android:10.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:10.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:15.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-9371

reference_id

CVE-2019-9371

reference_type

scores

value	7.1
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:C

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2019-9371

reference_url	https://security.gentoo.org/glsa/202003-59
reference_id	GLSA-202003-59
reference_type
scores
url	https://security.gentoo.org/glsa/202003-59

reference_url	https://access.redhat.com/errata/RHSA-2020:4629
reference_id	RHSA-2020:4629
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4629

reference_url	https://usn.ubuntu.com/4199-1/
reference_id	USN-4199-1
reference_type
scores
url	https://usn.ubuntu.com/4199-1/

fixed_packages

url pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3

purl pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8vka-qus2-tbhj

vulnerability	VCID-98mt-7srw-qfh4

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.9.0-1%252Bdeb11u3

aliases CVE-2019-9371

risk_score 3.2

exploitability 0.5

weighted_severity 6.4

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ut2r-gvwc-4ydu

url VCID-veqq-773w-1ba9

vulnerability_id VCID-veqq-773w-1ba9

summary libvpx: Integer overflow in vpx_img_alloc()

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-5197.json

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-5197.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-5197

reference_id

reference_type

scores

value	0.00325
scoring_system	epss
scoring_elements	0.55575
published_at	2026-04-18T12:55:00Z

value	0.00325
scoring_system	epss
scoring_elements	0.55562
published_at	2026-04-08T12:55:00Z

value	0.00325
scoring_system	epss
scoring_elements	0.55563
published_at	2026-04-09T12:55:00Z

value	0.00325
scoring_system	epss
scoring_elements	0.55572
published_at	2026-04-16T12:55:00Z

value	0.00325
scoring_system	epss
scoring_elements	0.55552
published_at	2026-04-12T12:55:00Z

value	0.00325
scoring_system	epss
scoring_elements	0.55535
published_at	2026-04-13T12:55:00Z

value	0.00325
scoring_system	epss
scoring_elements	0.5551
published_at	2026-04-02T12:55:00Z

value	0.00325
scoring_system	epss
scoring_elements	0.55534
published_at	2026-04-04T12:55:00Z

value	0.00325
scoring_system	epss
scoring_elements	0.55511
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-5197

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5197
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5197

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2291198
reference_id	2291198
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2291198

reference_url

https://g-issues.chromium.org/issues/332382766

reference_id

332382766

reference_type

scores

value	5.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:P/VC:L/VI:H/VA:N/SC:L/SI:L/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-03T17:27:56Z/

url

https://g-issues.chromium.org/issues/332382766

reference_url

https://lists.debian.org/debian-lts-announce/2024/06/msg00005.html

reference_id

msg00005.html

reference_type

scores

value	5.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:P/VC:L/VI:H/VA:N/SC:L/SI:L/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-03T17:27:56Z/

url

https://lists.debian.org/debian-lts-announce/2024/06/msg00005.html

reference_url	https://access.redhat.com/errata/RHSA-2024:5941
reference_id	RHSA-2024:5941
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:5941

reference_url	https://access.redhat.com/errata/RHSA-2024:9827
reference_id	RHSA-2024:9827
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:9827

reference_url	https://access.redhat.com/errata/RHSA-2025:14138
reference_id	RHSA-2025:14138
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:14138

reference_url	https://access.redhat.com/errata/RHSA-2025:14139
reference_id	RHSA-2025:14139
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:14139

reference_url	https://access.redhat.com/errata/RHSA-2025:14140
reference_id	RHSA-2025:14140
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:14140

reference_url	https://usn.ubuntu.com/6814-1/
reference_id	USN-6814-1
reference_type
scores
url	https://usn.ubuntu.com/6814-1/

reference_url	https://usn.ubuntu.com/7249-1/
reference_id	USN-7249-1
reference_type
scores
url	https://usn.ubuntu.com/7249-1/

fixed_packages

url pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3

purl pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8vka-qus2-tbhj

vulnerability	VCID-98mt-7srw-qfh4

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.9.0-1%252Bdeb11u3

aliases CVE-2024-5197

risk_score 3.2

exploitability 0.5

weighted_severity 6.4

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-veqq-773w-1ba9

Fixing_vulnerabilities

url VCID-5bx8-w9sb-1bbs

vulnerability_id VCID-5bx8-w9sb-1bbs

summary libvpx in libwebm in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted mkv file, aka internal bug 23167726.

references

reference_url	https://android.googlesource.com/platform/external/libvpx/+/65c49d5b382de4085ee5668732bcb0f6ecaf7148
reference_id
reference_type
scores
url	https://android.googlesource.com/platform/external/libvpx/+/65c49d5b382de4085ee5668732bcb0f6ecaf7148

reference_url	https://android.googlesource.com/platform/external/libvpx/+/cc274e2abe8b2a6698a5c47d8aa4bb45f1f9538d
reference_id
reference_type
scores
url	https://android.googlesource.com/platform/external/libvpx/+/cc274e2abe8b2a6698a5c47d8aa4bb45f1f9538d

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-2464

reference_id

reference_type

scores

value	0.00254
scoring_system	epss
scoring_elements	0.48749
published_at	2026-04-18T12:55:00Z

value	0.00254
scoring_system	epss
scoring_elements	0.48697
published_at	2026-04-12T12:55:00Z

value	0.00254
scoring_system	epss
scoring_elements	0.48753
published_at	2026-04-16T12:55:00Z

value	0.00254
scoring_system	epss
scoring_elements	0.48635
published_at	2026-04-01T12:55:00Z

value	0.00254
scoring_system	epss
scoring_elements	0.48676
published_at	2026-04-02T12:55:00Z

value	0.00254
scoring_system	epss
scoring_elements	0.48701
published_at	2026-04-04T12:55:00Z

value	0.00254
scoring_system	epss
scoring_elements	0.48655
published_at	2026-04-07T12:55:00Z

value	0.00254
scoring_system	epss
scoring_elements	0.48709
published_at	2026-04-08T12:55:00Z

value	0.00254
scoring_system	epss
scoring_elements	0.48705
published_at	2026-04-13T12:55:00Z

value	0.00254
scoring_system	epss
scoring_elements	0.48723
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-2464

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2464
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2464

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	http://source.android.com/security/bulletin/2016-06-01.html
reference_id
reference_type
scores
url	http://source.android.com/security/bulletin/2016-06-01.html

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.0:::::::*
reference_id	cpe:2.3:o:google:android:4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.0.1:::::::*
reference_id	cpe:2.3:o:google:android:4.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.0.2:::::::*
reference_id	cpe:2.3:o:google:android:4.0.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.0.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.0.3:::::::*
reference_id	cpe:2.3:o:google:android:4.0.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.0.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.0.4:::::::*
reference_id	cpe:2.3:o:google:android:4.0.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.0.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.1:::::::*
reference_id	cpe:2.3:o:google:android:4.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.1.1:::::::*
reference_id	cpe:2.3:o:google:android:4.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.1.2:::::::*
reference_id	cpe:2.3:o:google:android:4.1.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.1.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.2:::::::*
reference_id	cpe:2.3:o:google:android:4.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.2.1:::::::*
reference_id	cpe:2.3:o:google:android:4.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.2.2:::::::*
reference_id	cpe:2.3:o:google:android:4.2.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.2.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.3:::::::*
reference_id	cpe:2.3:o:google:android:4.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.3.1:::::::*
reference_id	cpe:2.3:o:google:android:4.3.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.3.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.0:::::::*
reference_id	cpe:2.3:o:google:android:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.0.1:::::::*
reference_id	cpe:2.3:o:google:android:5.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.1:::::::*
reference_id	cpe:2.3:o:google:android:5.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:6.0:::::::*
reference_id	cpe:2.3:o:google:android:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:6.0.1:::::::*
reference_id	cpe:2.3:o:google:android:6.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:6.0.1:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-2464

reference_id

CVE-2016-2464

reference_type

scores

value	9.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:C/I:C/A:C

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-2464

fixed_packages

url pkg:deb/debian/libvpx@1.6.1-2~bpo8%2B1

purl pkg:deb/debian/libvpx@1.6.1-2~bpo8%2B1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-59n6-fj5x-33gn

vulnerability	VCID-7s5h-zrax-hkcv

vulnerability	VCID-8vka-qus2-tbhj

vulnerability	VCID-98mt-7srw-qfh4

vulnerability	VCID-djwx-su1m-57h4

vulnerability	VCID-f81v-9fv8-93cd

vulnerability	VCID-hhsp-7swr-qybd

vulnerability	VCID-kuxu-ty5p-8qbf

vulnerability	VCID-mcab-z6qn-gkds

vulnerability	VCID-txwy-bkhg-9qfv

vulnerability	VCID-ut2r-gvwc-4ydu

vulnerability	VCID-veqq-773w-1ba9

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.6.1-2~bpo8%252B1

aliases CVE-2016-2464

risk_score 4.2

exploitability 0.5

weighted_severity 8.4

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5bx8-w9sb-1bbs

url VCID-5n7c-tqzz-nfha

vulnerability_id VCID-5n7c-tqzz-nfha

summary

Multiple vulnerabilities have been found in the Chromium web
    browser, the worst of which allows remote attackers to execute arbitrary
    code.

references

reference_url	http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179128.html
reference_id
reference_type
scores
url	http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179128.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1621.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1621.json

reference_url	https://android.googlesource.com/platform/external/libvpx/+/04839626ed859623901ebd3a5fd483982186b59d
reference_id
reference_type
scores
url	https://android.googlesource.com/platform/external/libvpx/+/04839626ed859623901ebd3a5fd483982186b59d

reference_url	https://android.googlesource.com/platform/external/libvpx/+/5a9753fca56f0eeb9f61e342b2fccffc364f9426
reference_id
reference_type
scores
url	https://android.googlesource.com/platform/external/libvpx/+/5a9753fca56f0eeb9f61e342b2fccffc364f9426

reference_url	https://android.googlesource.com/platform/frameworks/av/+/5a6788730acfc6fd8f4a6ef89d2c376572a26b55
reference_id
reference_type
scores
url	https://android.googlesource.com/platform/frameworks/av/+/5a6788730acfc6fd8f4a6ef89d2c376572a26b55

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-1621

reference_id

reference_type

scores

value	0.08743
scoring_system	epss
scoring_elements	0.92516
published_at	2026-04-18T12:55:00Z

value	0.08743
scoring_system	epss
scoring_elements	0.92506
published_at	2026-04-13T12:55:00Z

value	0.08743
scoring_system	epss
scoring_elements	0.92465
published_at	2026-04-01T12:55:00Z

value	0.08743
scoring_system	epss
scoring_elements	0.92471
published_at	2026-04-02T12:55:00Z

value	0.08743
scoring_system	epss
scoring_elements	0.9248
published_at	2026-04-04T12:55:00Z

value	0.08743
scoring_system	epss
scoring_elements	0.92483
published_at	2026-04-07T12:55:00Z

value	0.08743
scoring_system	epss
scoring_elements	0.92495
published_at	2026-04-08T12:55:00Z

value	0.08743
scoring_system	epss
scoring_elements	0.92499
published_at	2026-04-09T12:55:00Z

value	0.08743
scoring_system	epss
scoring_elements	0.92505
published_at	2026-04-11T12:55:00Z

value	0.08743
scoring_system	epss
scoring_elements	0.92507
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-1621

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1621
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1621

reference_url	http://source.android.com/security/bulletin/2016-03-01.html
reference_id
reference_type
scores
url	http://source.android.com/security/bulletin/2016-03-01.html

reference_url	http://www.securityfocus.com/bid/84239
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/84239

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1318185
reference_id	1318185
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1318185

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.0:::::::*
reference_id	cpe:2.3:o:google:android:4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.0.1:::::::*
reference_id	cpe:2.3:o:google:android:4.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.0.2:::::::*
reference_id	cpe:2.3:o:google:android:4.0.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.0.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.0.3:::::::*
reference_id	cpe:2.3:o:google:android:4.0.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.0.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.0.4:::::::*
reference_id	cpe:2.3:o:google:android:4.0.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.0.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.1:::::::*
reference_id	cpe:2.3:o:google:android:4.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.1.2:::::::*
reference_id	cpe:2.3:o:google:android:4.1.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.1.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.2:::::::*
reference_id	cpe:2.3:o:google:android:4.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.2.1:::::::*
reference_id	cpe:2.3:o:google:android:4.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.2.2:::::::*
reference_id	cpe:2.3:o:google:android:4.2.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.2.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.3:::::::*
reference_id	cpe:2.3:o:google:android:4.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.3.1:::::::*
reference_id	cpe:2.3:o:google:android:4.3.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.3.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.4:::::::*
reference_id	cpe:2.3:o:google:android:4.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.4.1:::::::*
reference_id	cpe:2.3:o:google:android:4.4.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.4.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.4.2:::::::*
reference_id	cpe:2.3:o:google:android:4.4.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.4.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.4.3:::::::*
reference_id	cpe:2.3:o:google:android:4.4.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.4.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.0:::::::*
reference_id	cpe:2.3:o:google:android:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.0.1:::::::*
reference_id	cpe:2.3:o:google:android:5.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.0.2:::::::*
reference_id	cpe:2.3:o:google:android:5.0.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.0.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.1:::::::*
reference_id	cpe:2.3:o:google:android:5.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.1.0:::::::*
reference_id	cpe:2.3:o:google:android:5.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.1.1:::::::*
reference_id	cpe:2.3:o:google:android:5.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:6.0:::::::*
reference_id	cpe:2.3:o:google:android:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:6.0.1:::::::*
reference_id	cpe:2.3:o:google:android:6.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:6.0.1:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-1621

reference_id

CVE-2016-1621

reference_type

scores

value	10.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:C/I:C/A:C

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-1621

reference_url	https://security.gentoo.org/glsa/201603-09
reference_id	GLSA-201603-09
reference_type
scores
url	https://security.gentoo.org/glsa/201603-09

fixed_packages

url pkg:deb/debian/libvpx@1.6.1-2~bpo8%2B1

purl pkg:deb/debian/libvpx@1.6.1-2~bpo8%2B1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-59n6-fj5x-33gn

vulnerability	VCID-7s5h-zrax-hkcv

vulnerability	VCID-8vka-qus2-tbhj

vulnerability	VCID-98mt-7srw-qfh4

vulnerability	VCID-djwx-su1m-57h4

vulnerability	VCID-f81v-9fv8-93cd

vulnerability	VCID-hhsp-7swr-qybd

vulnerability	VCID-kuxu-ty5p-8qbf

vulnerability	VCID-mcab-z6qn-gkds

vulnerability	VCID-txwy-bkhg-9qfv

vulnerability	VCID-ut2r-gvwc-4ydu

vulnerability	VCID-veqq-773w-1ba9

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.6.1-2~bpo8%252B1

aliases CVE-2016-1621

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5n7c-tqzz-nfha

url VCID-hkfy-wbqn-sba8

vulnerability_id VCID-hkfy-wbqn-sba8

summary A remote denial of service vulnerability in libvpx in Mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-11-01 could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High due to the possibility of remote denial of service. Android ID: A-30593752.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-6712

reference_id

reference_type

scores

value	0.00192
scoring_system	epss
scoring_elements	0.41071
published_at	2026-04-01T12:55:00Z

value	0.00192
scoring_system	epss
scoring_elements	0.41163
published_at	2026-04-02T12:55:00Z

value	0.00192
scoring_system	epss
scoring_elements	0.41194
published_at	2026-04-04T12:55:00Z

value	0.00192
scoring_system	epss
scoring_elements	0.41121
published_at	2026-04-07T12:55:00Z

value	0.00192
scoring_system	epss
scoring_elements	0.41169
published_at	2026-04-08T12:55:00Z

value	0.00192
scoring_system	epss
scoring_elements	0.41177
published_at	2026-04-09T12:55:00Z

value	0.00192
scoring_system	epss
scoring_elements	0.41197
published_at	2026-04-11T12:55:00Z

value	0.00192
scoring_system	epss
scoring_elements	0.41164
published_at	2026-04-18T12:55:00Z

value	0.00192
scoring_system	epss
scoring_elements	0.4115
published_at	2026-04-13T12:55:00Z

value	0.00192
scoring_system	epss
scoring_elements	0.41193
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-6712

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6712
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6712

fixed_packages

url pkg:deb/debian/libvpx@1.6.1-2~bpo8%2B1

purl pkg:deb/debian/libvpx@1.6.1-2~bpo8%2B1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-59n6-fj5x-33gn

vulnerability	VCID-7s5h-zrax-hkcv

vulnerability	VCID-8vka-qus2-tbhj

vulnerability	VCID-98mt-7srw-qfh4

vulnerability	VCID-djwx-su1m-57h4

vulnerability	VCID-f81v-9fv8-93cd

vulnerability	VCID-hhsp-7swr-qybd

vulnerability	VCID-kuxu-ty5p-8qbf

vulnerability	VCID-mcab-z6qn-gkds

vulnerability	VCID-txwy-bkhg-9qfv

vulnerability	VCID-ut2r-gvwc-4ydu

vulnerability	VCID-veqq-773w-1ba9

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.6.1-2~bpo8%252B1

aliases CVE-2016-6712

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hkfy-wbqn-sba8

url VCID-nw6w-7x8f-x7fw

vulnerability_id VCID-nw6w-7x8f-x7fw

summary The decoder_peek_si_internal function in vp9/vp9_dx_iface.c in libvpx in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2016-09-01 allows remote attackers to cause a denial of service (buffer over-read, and device hang or reboot) via a crafted media file, aka internal bug 30013856.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-3881

reference_id

reference_type

scores

value	0.00266
scoring_system	epss
scoring_elements	0.50006
published_at	2026-04-01T12:55:00Z

value	0.00266
scoring_system	epss
scoring_elements	0.50044
published_at	2026-04-02T12:55:00Z

value	0.00266
scoring_system	epss
scoring_elements	0.50072
published_at	2026-04-04T12:55:00Z

value	0.00266
scoring_system	epss
scoring_elements	0.50022
published_at	2026-04-07T12:55:00Z

value	0.00266
scoring_system	epss
scoring_elements	0.50077
published_at	2026-04-08T12:55:00Z

value	0.00266
scoring_system	epss
scoring_elements	0.50069
published_at	2026-04-09T12:55:00Z

value	0.00266
scoring_system	epss
scoring_elements	0.50087
published_at	2026-04-11T12:55:00Z

value	0.00266
scoring_system	epss
scoring_elements	0.50059
published_at	2026-04-12T12:55:00Z

value	0.00266
scoring_system	epss
scoring_elements	0.50055
published_at	2026-04-13T12:55:00Z

value	0.00266
scoring_system	epss
scoring_elements	0.501
published_at	2026-04-16T12:55:00Z

value	0.00266
scoring_system	epss
scoring_elements	0.50101
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-3881

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3881
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3881

fixed_packages

url pkg:deb/debian/libvpx@1.6.1-2~bpo8%2B1

purl pkg:deb/debian/libvpx@1.6.1-2~bpo8%2B1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-59n6-fj5x-33gn

vulnerability	VCID-7s5h-zrax-hkcv

vulnerability	VCID-8vka-qus2-tbhj

vulnerability	VCID-98mt-7srw-qfh4

vulnerability	VCID-djwx-su1m-57h4

vulnerability	VCID-f81v-9fv8-93cd

vulnerability	VCID-hhsp-7swr-qybd

vulnerability	VCID-kuxu-ty5p-8qbf

vulnerability	VCID-mcab-z6qn-gkds

vulnerability	VCID-txwy-bkhg-9qfv

vulnerability	VCID-ut2r-gvwc-4ydu

vulnerability	VCID-veqq-773w-1ba9

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.6.1-2~bpo8%252B1

aliases CVE-2016-3881

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nw6w-7x8f-x7fw

url VCID-qcyp-en6e-vya2

vulnerability_id VCID-qcyp-en6e-vya2

summary libvpx: Denial of service in mediaserver

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-0393.json

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-0393.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-0393

reference_id

reference_type

scores

value	0.00414
scoring_system	epss
scoring_elements	0.61414
published_at	2026-04-01T12:55:00Z

value	0.00414
scoring_system	epss
scoring_elements	0.6149
published_at	2026-04-07T12:55:00Z

value	0.00414
scoring_system	epss
scoring_elements	0.61519
published_at	2026-04-04T12:55:00Z

value	0.00414
scoring_system	epss
scoring_elements	0.61538
published_at	2026-04-08T12:55:00Z

value	0.00414
scoring_system	epss
scoring_elements	0.61552
published_at	2026-04-09T12:55:00Z

value	0.00414
scoring_system	epss
scoring_elements	0.61573
published_at	2026-04-11T12:55:00Z

value	0.00414
scoring_system	epss
scoring_elements	0.6156
published_at	2026-04-12T12:55:00Z

value	0.00414
scoring_system	epss
scoring_elements	0.6154
published_at	2026-04-13T12:55:00Z

value	0.00414
scoring_system	epss
scoring_elements	0.61582
published_at	2026-04-16T12:55:00Z

value	0.00414
scoring_system	epss
scoring_elements	0.61586
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-0393

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0393
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0393

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1769657
reference_id	1769657
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1769657

reference_url	https://access.redhat.com/errata/RHSA-2020:3876
reference_id	RHSA-2020:3876
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3876

fixed_packages

url pkg:deb/debian/libvpx@1.6.1-2~bpo8%2B1

purl pkg:deb/debian/libvpx@1.6.1-2~bpo8%2B1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-59n6-fj5x-33gn

vulnerability	VCID-7s5h-zrax-hkcv

vulnerability	VCID-8vka-qus2-tbhj

vulnerability	VCID-98mt-7srw-qfh4

vulnerability	VCID-djwx-su1m-57h4

vulnerability	VCID-f81v-9fv8-93cd

vulnerability	VCID-hhsp-7swr-qybd

vulnerability	VCID-kuxu-ty5p-8qbf

vulnerability	VCID-mcab-z6qn-gkds

vulnerability	VCID-txwy-bkhg-9qfv

vulnerability	VCID-ut2r-gvwc-4ydu

vulnerability	VCID-veqq-773w-1ba9

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.6.1-2~bpo8%252B1

aliases CVE-2017-0393

risk_score 2.5

exploitability 0.5

weighted_severity 5.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qcyp-en6e-vya2

url VCID-wg9d-bt6y-6yfd

vulnerability_id VCID-wg9d-bt6y-6yfd

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-6711

reference_id

reference_type

scores

value	0.00452
scoring_system	epss
scoring_elements	0.63632
published_at	2026-04-01T12:55:00Z

value	0.00452
scoring_system	epss
scoring_elements	0.63692
published_at	2026-04-02T12:55:00Z

value	0.00452
scoring_system	epss
scoring_elements	0.63718
published_at	2026-04-04T12:55:00Z

value	0.00452
scoring_system	epss
scoring_elements	0.63678
published_at	2026-04-07T12:55:00Z

value	0.00452
scoring_system	epss
scoring_elements	0.6373
published_at	2026-04-08T12:55:00Z

value	0.00452
scoring_system	epss
scoring_elements	0.63747
published_at	2026-04-09T12:55:00Z

value	0.00452
scoring_system	epss
scoring_elements	0.63761
published_at	2026-04-11T12:55:00Z

value	0.00452
scoring_system	epss
scoring_elements	0.63746
published_at	2026-04-12T12:55:00Z

value	0.00452
scoring_system	epss
scoring_elements	0.63713
published_at	2026-04-13T12:55:00Z

value	0.00452
scoring_system	epss
scoring_elements	0.63748
published_at	2026-04-16T12:55:00Z

value	0.00452
scoring_system	epss
scoring_elements	0.63758
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-6711

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6711
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6711

fixed_packages

url pkg:deb/debian/libvpx@1.6.1-2~bpo8%2B1

purl pkg:deb/debian/libvpx@1.6.1-2~bpo8%2B1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-59n6-fj5x-33gn

vulnerability	VCID-7s5h-zrax-hkcv

vulnerability	VCID-8vka-qus2-tbhj

vulnerability	VCID-98mt-7srw-qfh4

vulnerability	VCID-djwx-su1m-57h4

vulnerability	VCID-f81v-9fv8-93cd

vulnerability	VCID-hhsp-7swr-qybd

vulnerability	VCID-kuxu-ty5p-8qbf

vulnerability	VCID-mcab-z6qn-gkds

vulnerability	VCID-txwy-bkhg-9qfv

vulnerability	VCID-ut2r-gvwc-4ydu

vulnerability	VCID-veqq-773w-1ba9

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.6.1-2~bpo8%252B1

aliases CVE-2016-6711

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wg9d-bt6y-6yfd

Risk_score 10.0

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.6.1-2~bpo8%252B1

Package Instance