Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/libvpx@1.16.0-3?distro=trixie

Type deb

Namespace debian

Name libvpx

Version 1.16.0-3

Qualifiers

distro	trixie

Subpath

Is_vulnerable false

Next_non_vulnerable_version null

Latest_non_vulnerable_version null

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-4mzm-67bs-d3h9

vulnerability_id VCID-4mzm-67bs-d3h9

summary libvpx: VP8 Codec decoder crash introduced in 0.9.7

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0823.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0823.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2012-0823

reference_id

reference_type

scores

value	0.01214
scoring_system	epss
scoring_elements	0.78966
published_at	2026-04-01T12:55:00Z

value	0.01214
scoring_system	epss
scoring_elements	0.78972
published_at	2026-04-02T12:55:00Z

value	0.01214
scoring_system	epss
scoring_elements	0.78998
published_at	2026-04-04T12:55:00Z

value	0.01214
scoring_system	epss
scoring_elements	0.78983
published_at	2026-04-07T12:55:00Z

value	0.01214
scoring_system	epss
scoring_elements	0.79007
published_at	2026-04-08T12:55:00Z

value	0.01214
scoring_system	epss
scoring_elements	0.79014
published_at	2026-04-09T12:55:00Z

value	0.01214
scoring_system	epss
scoring_elements	0.79038
published_at	2026-04-11T12:55:00Z

value	0.01214
scoring_system	epss
scoring_elements	0.79022
published_at	2026-04-12T12:55:00Z

value	0.01214
scoring_system	epss
scoring_elements	0.79012
published_at	2026-04-13T12:55:00Z

value	0.01214
scoring_system	epss
scoring_elements	0.7904
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2012-0823

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0823
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0823

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=785640
reference_id	785640
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=785640

fixed_packages

url	pkg:deb/debian/libvpx@1.0.0-1?distro=trixie
purl	pkg:deb/debian/libvpx@1.0.0-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.0.0-1%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3?distro=trixie
purl	pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.9.0-1%252Bdeb11u3%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.12.0-1%2Bdeb12u4?distro=trixie
purl	pkg:deb/debian/libvpx@1.12.0-1%2Bdeb12u4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.12.0-1%252Bdeb12u4%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.15.0-2.1%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/libvpx@1.15.0-2.1%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.15.0-2.1%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.16.0-3?distro=trixie
purl	pkg:deb/debian/libvpx@1.16.0-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.16.0-3%3Fdistro=trixie

aliases CVE-2012-0823

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4mzm-67bs-d3h9

url VCID-4xgr-unyn-jkfj

vulnerability_id VCID-4xgr-unyn-jkfj

summary security update

references

reference_url	http://lists.fedoraproject.org/pipermail/package-announce/2014-November/141796.html
reference_id
reference_type
scores
url	http://lists.fedoraproject.org/pipermail/package-announce/2014-November/141796.html

reference_url	http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141085.html
reference_id
reference_type
scores
url	http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141085.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00024.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00024.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html

reference_url	http://lists.opensuse.org/opensuse-updates/2014-11/msg00000.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2014-11/msg00000.html

reference_url	http://lists.opensuse.org/opensuse-updates/2014-11/msg00001.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2014-11/msg00001.html

reference_url	http://lists.opensuse.org/opensuse-updates/2014-11/msg00002.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2014-11/msg00002.html

reference_url	http://lists.opensuse.org/opensuse-updates/2014-11/msg00003.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2014-11/msg00003.html

reference_url	http://rhn.redhat.com/errata/RHSA-2014-1635.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2014-1635.html

reference_url	http://rhn.redhat.com/errata/RHSA-2014-1647.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2014-1647.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1578.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1578.json

reference_url	https://advisories.mageia.org/MGASA-2014-0421.html
reference_id
reference_type
scores
url	https://advisories.mageia.org/MGASA-2014-0421.html

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-1578

reference_id

reference_type

scores

value	0.01644
scoring_system	epss
scoring_elements	0.81999
published_at	2026-04-16T12:55:00Z

value	0.01644
scoring_system	epss
scoring_elements	0.81896
published_at	2026-04-01T12:55:00Z

value	0.01644
scoring_system	epss
scoring_elements	0.81969
published_at	2026-04-12T12:55:00Z

value	0.01644
scoring_system	epss
scoring_elements	0.81964
published_at	2026-04-13T12:55:00Z

value	0.01644
scoring_system	epss
scoring_elements	0.81908
published_at	2026-04-02T12:55:00Z

value	0.01644
scoring_system	epss
scoring_elements	0.8193
published_at	2026-04-04T12:55:00Z

value	0.01644
scoring_system	epss
scoring_elements	0.81927
published_at	2026-04-07T12:55:00Z

value	0.01644
scoring_system	epss
scoring_elements	0.81953
published_at	2026-04-08T12:55:00Z

value	0.01644
scoring_system	epss
scoring_elements	0.81961
published_at	2026-04-09T12:55:00Z

value	0.01644
scoring_system	epss
scoring_elements	0.8198
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-1578

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1063327
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1063327

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1574
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1574

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1576
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1576

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1577
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1577

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1578
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1578

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1581
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1581

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1583
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1583

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1585
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1585

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1586
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1586

reference_url	http://secunia.com/advisories/61387
reference_id
reference_type
scores
url	http://secunia.com/advisories/61387

reference_url	http://secunia.com/advisories/61854
reference_id
reference_type
scores
url	http://secunia.com/advisories/61854

reference_url	http://secunia.com/advisories/62021
reference_id
reference_type
scores
url	http://secunia.com/advisories/62021

reference_url	http://secunia.com/advisories/62022
reference_id
reference_type
scores
url	http://secunia.com/advisories/62022

reference_url	http://secunia.com/advisories/62023
reference_id
reference_type
scores
url	http://secunia.com/advisories/62023

reference_url	http://www.debian.org/security/2014/dsa-3050
reference_id
reference_type
scores
url	http://www.debian.org/security/2014/dsa-3050

reference_url	http://www.debian.org/security/2014/dsa-3061
reference_id
reference_type
scores
url	http://www.debian.org/security/2014/dsa-3061

reference_url	http://www.mozilla.org/security/announce/2014/mfsa2014-77.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2014/mfsa2014-77.html

reference_url	http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html

reference_url	http://www.securityfocus.com/bid/70428
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/70428

reference_url	http://www.securitytracker.com/id/1031028
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1031028

reference_url	http://www.securitytracker.com/id/1031030
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1031030

reference_url	http://www.ubuntu.com/usn/USN-2372-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2372-1

reference_url	http://www.ubuntu.com/usn/USN-2373-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2373-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1152361
reference_id	1152361
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1152361

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765435
reference_id	765435
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765435

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:30.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:30.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:30.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:31.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:31.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:31.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:31.1.0:::::::*
reference_id	cpe:2.3:a:mozilla:firefox:31.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:31.1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:31.0:::::::*
reference_id	cpe:2.3:a:mozilla:thunderbird:31.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:31.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:31.1.0:::::::*
reference_id	cpe:2.3:a:mozilla:thunderbird:31.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:31.1.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2014-1578

reference_id

CVE-2014-1578

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2014-1578

reference_url	https://security.gentoo.org/glsa/201504-01
reference_id	GLSA-201504-01
reference_type
scores
url	https://security.gentoo.org/glsa/201504-01

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2014-77

reference_id

mfsa2014-77

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2014-77

reference_url	https://access.redhat.com/errata/RHSA-2014:1635
reference_id	RHSA-2014:1635
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1635

reference_url	https://access.redhat.com/errata/RHSA-2014:1647
reference_id	RHSA-2014:1647
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1647

reference_url	https://usn.ubuntu.com/2372-1/
reference_id	USN-2372-1
reference_type
scores
url	https://usn.ubuntu.com/2372-1/

reference_url	https://usn.ubuntu.com/2373-1/
reference_id	USN-2373-1
reference_type
scores
url	https://usn.ubuntu.com/2373-1/

fixed_packages

url	pkg:deb/debian/libvpx@1.3.0-3?distro=trixie
purl	pkg:deb/debian/libvpx@1.3.0-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.3.0-3%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3?distro=trixie
purl	pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.9.0-1%252Bdeb11u3%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.12.0-1%2Bdeb12u4?distro=trixie
purl	pkg:deb/debian/libvpx@1.12.0-1%2Bdeb12u4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.12.0-1%252Bdeb12u4%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.15.0-2.1%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/libvpx@1.15.0-2.1%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.15.0-2.1%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.16.0-3?distro=trixie
purl	pkg:deb/debian/libvpx@1.16.0-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.16.0-3%3Fdistro=trixie

aliases CVE-2014-1578

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4xgr-unyn-jkfj

url VCID-59n6-fj5x-33gn

vulnerability_id VCID-59n6-fj5x-33gn

summary

Multiple vulnerabilities have been found in libvpx, the worst of
    which could result in the execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00049.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00049.html

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9232.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9232.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-9232

reference_id

reference_type

scores

value	0.09266
scoring_system	epss
scoring_elements	0.92699
published_at	2026-04-01T12:55:00Z

value	0.09266
scoring_system	epss
scoring_elements	0.92742
published_at	2026-04-16T12:55:00Z

value	0.09266
scoring_system	epss
scoring_elements	0.92726
published_at	2026-04-09T12:55:00Z

value	0.09266
scoring_system	epss
scoring_elements	0.92731
published_at	2026-04-11T12:55:00Z

value	0.09266
scoring_system	epss
scoring_elements	0.9273
published_at	2026-04-13T12:55:00Z

value	0.09266
scoring_system	epss
scoring_elements	0.92706
published_at	2026-04-02T12:55:00Z

value	0.09266
scoring_system	epss
scoring_elements	0.92713
published_at	2026-04-04T12:55:00Z

value	0.09266
scoring_system	epss
scoring_elements	0.92711
published_at	2026-04-07T12:55:00Z

value	0.09266
scoring_system	epss
scoring_elements	0.92721
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-9232

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9232
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9232

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9325
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9325

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9433
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9433

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2019/11/msg00030.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2019/11/msg00030.html

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DQSTK442ATWJOR4TU3MR6C3N5A6NDFFN/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DQSTK442ATWJOR4TU3MR6C3N5A6NDFFN/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U2IIA3RSYABBUCFIHXIRVUT5CTJVWWZ6/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U2IIA3RSYABBUCFIHXIRVUT5CTJVWWZ6/

reference_url	https://seclists.org/bugtraq/2019/Nov/43
reference_id
reference_type
scores
url	https://seclists.org/bugtraq/2019/Nov/43

reference_url	https://source.android.com/security/bulletin/android-10
reference_id
reference_type
scores
url	https://source.android.com/security/bulletin/android-10

reference_url	https://www.debian.org/security/2019/dsa-4578
reference_id
reference_type
scores
url	https://www.debian.org/security/2019/dsa-4578

reference_url	http://www.openwall.com/lists/oss-security/2019/10/25/17
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2019/10/25/17

reference_url	http://www.openwall.com/lists/oss-security/2019/10/27/1
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2019/10/27/1

reference_url	http://www.openwall.com/lists/oss-security/2019/11/07/1
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2019/11/07/1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1788966
reference_id	1788966
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1788966

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:19.04:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:10.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:30:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:31:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:10.0:::::::*
reference_id	cpe:2.3:o:google:android:10.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:10.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:15.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-9232

reference_id

CVE-2019-9232

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:N/A:N

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2019-9232

reference_url	https://security.gentoo.org/glsa/202003-59
reference_id	GLSA-202003-59
reference_type
scores
url	https://security.gentoo.org/glsa/202003-59

reference_url	https://access.redhat.com/errata/RHSA-2020:3876
reference_id	RHSA-2020:3876
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3876

reference_url	https://access.redhat.com/errata/RHSA-2020:4629
reference_id	RHSA-2020:4629
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4629

reference_url	https://usn.ubuntu.com/4199-1/
reference_id	USN-4199-1
reference_type
scores
url	https://usn.ubuntu.com/4199-1/

reference_url	https://usn.ubuntu.com/4199-2/
reference_id	USN-4199-2
reference_type
scores
url	https://usn.ubuntu.com/4199-2/

fixed_packages

url	pkg:deb/debian/libvpx@1.8.1-2?distro=trixie
purl	pkg:deb/debian/libvpx@1.8.1-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.8.1-2%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3?distro=trixie
purl	pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.9.0-1%252Bdeb11u3%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.12.0-1%2Bdeb12u4?distro=trixie
purl	pkg:deb/debian/libvpx@1.12.0-1%2Bdeb12u4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.12.0-1%252Bdeb12u4%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.15.0-2.1%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/libvpx@1.15.0-2.1%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.15.0-2.1%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.16.0-3?distro=trixie
purl	pkg:deb/debian/libvpx@1.16.0-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.16.0-3%3Fdistro=trixie

aliases CVE-2019-9232

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-59n6-fj5x-33gn

url VCID-5bx8-w9sb-1bbs

vulnerability_id VCID-5bx8-w9sb-1bbs

summary libvpx in libwebm in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted mkv file, aka internal bug 23167726.

references

reference_url	https://android.googlesource.com/platform/external/libvpx/+/65c49d5b382de4085ee5668732bcb0f6ecaf7148
reference_id
reference_type
scores
url	https://android.googlesource.com/platform/external/libvpx/+/65c49d5b382de4085ee5668732bcb0f6ecaf7148

reference_url	https://android.googlesource.com/platform/external/libvpx/+/cc274e2abe8b2a6698a5c47d8aa4bb45f1f9538d
reference_id
reference_type
scores
url	https://android.googlesource.com/platform/external/libvpx/+/cc274e2abe8b2a6698a5c47d8aa4bb45f1f9538d

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-2464

reference_id

reference_type

scores

value	0.00254
scoring_system	epss
scoring_elements	0.48753
published_at	2026-04-16T12:55:00Z

value	0.00254
scoring_system	epss
scoring_elements	0.48723
published_at	2026-04-11T12:55:00Z

value	0.00254
scoring_system	epss
scoring_elements	0.48697
published_at	2026-04-12T12:55:00Z

value	0.00254
scoring_system	epss
scoring_elements	0.48635
published_at	2026-04-01T12:55:00Z

value	0.00254
scoring_system	epss
scoring_elements	0.48676
published_at	2026-04-02T12:55:00Z

value	0.00254
scoring_system	epss
scoring_elements	0.48701
published_at	2026-04-04T12:55:00Z

value	0.00254
scoring_system	epss
scoring_elements	0.48655
published_at	2026-04-07T12:55:00Z

value	0.00254
scoring_system	epss
scoring_elements	0.48709
published_at	2026-04-08T12:55:00Z

value	0.00254
scoring_system	epss
scoring_elements	0.48705
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-2464

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2464
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2464

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	http://source.android.com/security/bulletin/2016-06-01.html
reference_id
reference_type
scores
url	http://source.android.com/security/bulletin/2016-06-01.html

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.0:::::::*
reference_id	cpe:2.3:o:google:android:4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.0.1:::::::*
reference_id	cpe:2.3:o:google:android:4.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.0.2:::::::*
reference_id	cpe:2.3:o:google:android:4.0.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.0.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.0.3:::::::*
reference_id	cpe:2.3:o:google:android:4.0.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.0.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.0.4:::::::*
reference_id	cpe:2.3:o:google:android:4.0.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.0.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.1:::::::*
reference_id	cpe:2.3:o:google:android:4.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.1.1:::::::*
reference_id	cpe:2.3:o:google:android:4.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.1.2:::::::*
reference_id	cpe:2.3:o:google:android:4.1.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.1.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.2:::::::*
reference_id	cpe:2.3:o:google:android:4.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.2.1:::::::*
reference_id	cpe:2.3:o:google:android:4.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.2.2:::::::*
reference_id	cpe:2.3:o:google:android:4.2.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.2.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.3:::::::*
reference_id	cpe:2.3:o:google:android:4.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.3.1:::::::*
reference_id	cpe:2.3:o:google:android:4.3.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.3.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.0:::::::*
reference_id	cpe:2.3:o:google:android:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.0.1:::::::*
reference_id	cpe:2.3:o:google:android:5.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.1:::::::*
reference_id	cpe:2.3:o:google:android:5.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:6.0:::::::*
reference_id	cpe:2.3:o:google:android:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:6.0.1:::::::*
reference_id	cpe:2.3:o:google:android:6.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:6.0.1:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-2464

reference_id

CVE-2016-2464

reference_type

scores

value	9.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:C/I:C/A:C

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-2464

fixed_packages

url	pkg:deb/debian/libvpx@1.6.1-1?distro=trixie
purl	pkg:deb/debian/libvpx@1.6.1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.6.1-1%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3?distro=trixie
purl	pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.9.0-1%252Bdeb11u3%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.12.0-1%2Bdeb12u4?distro=trixie
purl	pkg:deb/debian/libvpx@1.12.0-1%2Bdeb12u4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.12.0-1%252Bdeb12u4%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.15.0-2.1%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/libvpx@1.15.0-2.1%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.15.0-2.1%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.16.0-3?distro=trixie
purl	pkg:deb/debian/libvpx@1.16.0-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.16.0-3%3Fdistro=trixie

aliases CVE-2016-2464

risk_score 4.2

exploitability 0.5

weighted_severity 8.4

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5bx8-w9sb-1bbs

url VCID-5n7c-tqzz-nfha

vulnerability_id VCID-5n7c-tqzz-nfha

summary

Multiple vulnerabilities have been found in the Chromium web
    browser, the worst of which allows remote attackers to execute arbitrary
    code.

references

reference_url	http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179128.html
reference_id
reference_type
scores
url	http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179128.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1621.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1621.json

reference_url	https://android.googlesource.com/platform/external/libvpx/+/04839626ed859623901ebd3a5fd483982186b59d
reference_id
reference_type
scores
url	https://android.googlesource.com/platform/external/libvpx/+/04839626ed859623901ebd3a5fd483982186b59d

reference_url	https://android.googlesource.com/platform/external/libvpx/+/5a9753fca56f0eeb9f61e342b2fccffc364f9426
reference_id
reference_type
scores
url	https://android.googlesource.com/platform/external/libvpx/+/5a9753fca56f0eeb9f61e342b2fccffc364f9426

reference_url	https://android.googlesource.com/platform/frameworks/av/+/5a6788730acfc6fd8f4a6ef89d2c376572a26b55
reference_id
reference_type
scores
url	https://android.googlesource.com/platform/frameworks/av/+/5a6788730acfc6fd8f4a6ef89d2c376572a26b55

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-1621

reference_id

reference_type

scores

value	0.08743
scoring_system	epss
scoring_elements	0.92516
published_at	2026-04-16T12:55:00Z

value	0.08743
scoring_system	epss
scoring_elements	0.92506
published_at	2026-04-13T12:55:00Z

value	0.08743
scoring_system	epss
scoring_elements	0.92465
published_at	2026-04-01T12:55:00Z

value	0.08743
scoring_system	epss
scoring_elements	0.92471
published_at	2026-04-02T12:55:00Z

value	0.08743
scoring_system	epss
scoring_elements	0.9248
published_at	2026-04-04T12:55:00Z

value	0.08743
scoring_system	epss
scoring_elements	0.92483
published_at	2026-04-07T12:55:00Z

value	0.08743
scoring_system	epss
scoring_elements	0.92495
published_at	2026-04-08T12:55:00Z

value	0.08743
scoring_system	epss
scoring_elements	0.92499
published_at	2026-04-09T12:55:00Z

value	0.08743
scoring_system	epss
scoring_elements	0.92505
published_at	2026-04-11T12:55:00Z

value	0.08743
scoring_system	epss
scoring_elements	0.92507
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-1621

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1621
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1621

reference_url	http://source.android.com/security/bulletin/2016-03-01.html
reference_id
reference_type
scores
url	http://source.android.com/security/bulletin/2016-03-01.html

reference_url	http://www.securityfocus.com/bid/84239
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/84239

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1318185
reference_id	1318185
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1318185

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.0:::::::*
reference_id	cpe:2.3:o:google:android:4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.0.1:::::::*
reference_id	cpe:2.3:o:google:android:4.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.0.2:::::::*
reference_id	cpe:2.3:o:google:android:4.0.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.0.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.0.3:::::::*
reference_id	cpe:2.3:o:google:android:4.0.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.0.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.0.4:::::::*
reference_id	cpe:2.3:o:google:android:4.0.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.0.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.1:::::::*
reference_id	cpe:2.3:o:google:android:4.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.1.2:::::::*
reference_id	cpe:2.3:o:google:android:4.1.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.1.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.2:::::::*
reference_id	cpe:2.3:o:google:android:4.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.2.1:::::::*
reference_id	cpe:2.3:o:google:android:4.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.2.2:::::::*
reference_id	cpe:2.3:o:google:android:4.2.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.2.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.3:::::::*
reference_id	cpe:2.3:o:google:android:4.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.3.1:::::::*
reference_id	cpe:2.3:o:google:android:4.3.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.3.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.4:::::::*
reference_id	cpe:2.3:o:google:android:4.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.4.1:::::::*
reference_id	cpe:2.3:o:google:android:4.4.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.4.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.4.2:::::::*
reference_id	cpe:2.3:o:google:android:4.4.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.4.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.4.3:::::::*
reference_id	cpe:2.3:o:google:android:4.4.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.4.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.0:::::::*
reference_id	cpe:2.3:o:google:android:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.0.1:::::::*
reference_id	cpe:2.3:o:google:android:5.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.0.2:::::::*
reference_id	cpe:2.3:o:google:android:5.0.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.0.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.1:::::::*
reference_id	cpe:2.3:o:google:android:5.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.1.0:::::::*
reference_id	cpe:2.3:o:google:android:5.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.1.1:::::::*
reference_id	cpe:2.3:o:google:android:5.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:6.0:::::::*
reference_id	cpe:2.3:o:google:android:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:6.0.1:::::::*
reference_id	cpe:2.3:o:google:android:6.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:6.0.1:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-1621

reference_id

CVE-2016-1621

reference_type

scores

value	10.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:C/I:C/A:C

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-1621

reference_url	https://security.gentoo.org/glsa/201603-09
reference_id	GLSA-201603-09
reference_type
scores
url	https://security.gentoo.org/glsa/201603-09

fixed_packages

url	pkg:deb/debian/libvpx@1.6.1-1?distro=trixie
purl	pkg:deb/debian/libvpx@1.6.1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.6.1-1%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3?distro=trixie
purl	pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.9.0-1%252Bdeb11u3%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.12.0-1%2Bdeb12u4?distro=trixie
purl	pkg:deb/debian/libvpx@1.12.0-1%2Bdeb12u4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.12.0-1%252Bdeb12u4%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.15.0-2.1%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/libvpx@1.15.0-2.1%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.15.0-2.1%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.16.0-3?distro=trixie
purl	pkg:deb/debian/libvpx@1.16.0-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.16.0-3%3Fdistro=trixie

aliases CVE-2016-1621

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5n7c-tqzz-nfha

url VCID-7nng-abc2-fuep

vulnerability_id VCID-7nng-abc2-fuep

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1972.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1972.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-1972

reference_id

reference_type

scores

value	0.00623
scoring_system	epss
scoring_elements	0.70183
published_at	2026-04-16T12:55:00Z

value	0.00623
scoring_system	epss
scoring_elements	0.70076
published_at	2026-04-01T12:55:00Z

value	0.00623
scoring_system	epss
scoring_elements	0.70144
published_at	2026-04-09T12:55:00Z

value	0.00623
scoring_system	epss
scoring_elements	0.70167
published_at	2026-04-11T12:55:00Z

value	0.00623
scoring_system	epss
scoring_elements	0.70153
published_at	2026-04-12T12:55:00Z

value	0.00623
scoring_system	epss
scoring_elements	0.7014
published_at	2026-04-13T12:55:00Z

value	0.00623
scoring_system	epss
scoring_elements	0.70088
published_at	2026-04-02T12:55:00Z

value	0.00623
scoring_system	epss
scoring_elements	0.70103
published_at	2026-04-04T12:55:00Z

value	0.00623
scoring_system	epss
scoring_elements	0.7008
published_at	2026-04-07T12:55:00Z

value	0.00623
scoring_system	epss
scoring_elements	0.70128
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-1972

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1218124
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1218124

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.1
scoring_system	cvssv2
scoring_elements	AV:N/AC:H/Au:N/C:P/I:P/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	http://www.mozilla.org/security/announce/2016/mfsa2016-32.html
reference_id
reference_type
scores
url	http://www.mozilla.org/security/announce/2016/mfsa2016-32.html

reference_url	http://www.securityfocus.com/bid/84220
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/84220

reference_url	http://www.securitytracker.com/id/1035215
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1035215

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1315780
reference_id	1315780
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1315780

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows::::::::
reference_id	cpe:2.3:o:microsoft:windows::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows::::::::

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1972
reference_id	CVE-2016-1972
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1972

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-1972

reference_id

CVE-2016-1972

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-1972

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-32

reference_id

mfsa2016-32

reference_type

scores

value	none
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2016-32

fixed_packages

url	pkg:deb/debian/libvpx@0?distro=trixie
purl	pkg:deb/debian/libvpx@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@0%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3?distro=trixie
purl	pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.9.0-1%252Bdeb11u3%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.12.0-1%2Bdeb12u4?distro=trixie
purl	pkg:deb/debian/libvpx@1.12.0-1%2Bdeb12u4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.12.0-1%252Bdeb12u4%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.15.0-2.1%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/libvpx@1.15.0-2.1%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.15.0-2.1%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.16.0-3?distro=trixie
purl	pkg:deb/debian/libvpx@1.16.0-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.16.0-3%3Fdistro=trixie

aliases CVE-2016-1972

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7nng-abc2-fuep

url VCID-7s5h-zrax-hkcv

vulnerability_id VCID-7s5h-zrax-hkcv

summary libvpx: Out of bounds read in vp8_decode_frame in decodeframe.c

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00048.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00048.html

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-0034.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-0034.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-0034

reference_id

reference_type

scores

value	0.0451
scoring_system	epss
scoring_elements	0.89088
published_at	2026-04-01T12:55:00Z

value	0.0451
scoring_system	epss
scoring_elements	0.89155
published_at	2026-04-16T12:55:00Z

value	0.0451
scoring_system	epss
scoring_elements	0.89148
published_at	2026-04-11T12:55:00Z

value	0.0451
scoring_system	epss
scoring_elements	0.89144
published_at	2026-04-12T12:55:00Z

value	0.0451
scoring_system	epss
scoring_elements	0.89142
published_at	2026-04-13T12:55:00Z

value	0.0451
scoring_system	epss
scoring_elements	0.89097
published_at	2026-04-02T12:55:00Z

value	0.0451
scoring_system	epss
scoring_elements	0.89112
published_at	2026-04-04T12:55:00Z

value	0.0451
scoring_system	epss
scoring_elements	0.89114
published_at	2026-04-07T12:55:00Z

value	0.0451
scoring_system	epss
scoring_elements	0.89132
published_at	2026-04-08T12:55:00Z

value	0.0451
scoring_system	epss
scoring_elements	0.89137
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-0034

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-0034
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-0034

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2021/11/msg00024.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2021/11/msg00024.html

reference_url	https://source.android.com/security/bulletin/2020-03-01
reference_id
reference_type
scores
url	https://source.android.com/security/bulletin/2020-03-01

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1813000
reference_id	1813000
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1813000

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:8.0:::::::*
reference_id	cpe:2.3:o:google:android:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:8.1:::::::*
reference_id	cpe:2.3:o:google:android:8.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:8.1:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-0034

reference_id

CVE-2020-0034

reference_type

scores

value	7.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:C/I:N/A:N

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2020-0034

reference_url	https://access.redhat.com/errata/RHSA-2020:3876
reference_id	RHSA-2020:3876
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3876

reference_url	https://usn.ubuntu.com/5637-1/
reference_id	USN-5637-1
reference_type
scores
url	https://usn.ubuntu.com/5637-1/

fixed_packages

url	pkg:deb/debian/libvpx@1.7.0-3?distro=trixie
purl	pkg:deb/debian/libvpx@1.7.0-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.7.0-3%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3?distro=trixie
purl	pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.9.0-1%252Bdeb11u3%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.12.0-1%2Bdeb12u4?distro=trixie
purl	pkg:deb/debian/libvpx@1.12.0-1%2Bdeb12u4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.12.0-1%252Bdeb12u4%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.15.0-2.1%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/libvpx@1.15.0-2.1%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.15.0-2.1%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.16.0-3?distro=trixie
purl	pkg:deb/debian/libvpx@1.16.0-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.16.0-3%3Fdistro=trixie

aliases CVE-2020-0034

risk_score 3.5

exploitability 0.5

weighted_severity 7.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7s5h-zrax-hkcv

url VCID-8vka-qus2-tbhj

vulnerability_id VCID-8vka-qus2-tbhj

summary Heap buffer overflow in libvpx. This vulnerability affects Firefox < 147.0.4, Firefox ESR < 140.7.1, Firefox ESR < 115.32.1, Thunderbird < 140.7.2, and Thunderbird < 147.0.2.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2447.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2447.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-2447

reference_id

reference_type

scores

value	0.00017
scoring_system	epss
scoring_elements	0.03902
published_at	2026-04-08T12:55:00Z

value	0.00017
scoring_system	epss
scoring_elements	0.03896
published_at	2026-04-11T12:55:00Z

value	0.00017
scoring_system	epss
scoring_elements	0.03884
published_at	2026-04-04T12:55:00Z

value	0.00017
scoring_system	epss
scoring_elements	0.03897
published_at	2026-04-07T12:55:00Z

value	0.00017
scoring_system	epss
scoring_elements	0.03927
published_at	2026-04-09T12:55:00Z

value	0.00017
scoring_system	epss
scoring_elements	0.03874
published_at	2026-04-02T12:55:00Z

value	0.00017
scoring_system	epss
scoring_elements	0.03829
published_at	2026-04-16T12:55:00Z

value	0.00017
scoring_system	epss
scoring_elements	0.0385
published_at	2026-04-13T12:55:00Z

value	0.00017
scoring_system	epss
scoring_elements	0.03877
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-2447

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2447
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2447

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1128283
reference_id	1128283
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1128283

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2440219
reference_id	2440219
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2440219

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-10

reference_id

mfsa2026-10

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-10

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-10/

reference_id

mfsa2026-10

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-17T14:52:59Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-10/

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-11

reference_id

mfsa2026-11

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2026-11

reference_url

https://www.mozilla.org/security/advisories/mfsa2026-11/

reference_id

mfsa2026-11

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-17T14:52:59Z/

url

https://www.mozilla.org/security/advisories/mfsa2026-11/

reference_url	https://access.redhat.com/errata/RHSA-2026:3338
reference_id	RHSA-2026:3338
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3338

reference_url	https://access.redhat.com/errata/RHSA-2026:3339
reference_id	RHSA-2026:3339
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3339

reference_url	https://access.redhat.com/errata/RHSA-2026:3361
reference_id	RHSA-2026:3361
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3361

reference_url	https://access.redhat.com/errata/RHSA-2026:3491
reference_id	RHSA-2026:3491
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3491

reference_url	https://access.redhat.com/errata/RHSA-2026:3492
reference_id	RHSA-2026:3492
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3492

reference_url	https://access.redhat.com/errata/RHSA-2026:3493
reference_id	RHSA-2026:3493
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3493

reference_url	https://access.redhat.com/errata/RHSA-2026:3494
reference_id	RHSA-2026:3494
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3494

reference_url	https://access.redhat.com/errata/RHSA-2026:3495
reference_id	RHSA-2026:3495
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3495

reference_url	https://access.redhat.com/errata/RHSA-2026:3496
reference_id	RHSA-2026:3496
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3496

reference_url	https://access.redhat.com/errata/RHSA-2026:3497
reference_id	RHSA-2026:3497
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3497

reference_url	https://access.redhat.com/errata/RHSA-2026:3515
reference_id	RHSA-2026:3515
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3515

reference_url	https://access.redhat.com/errata/RHSA-2026:3516
reference_id	RHSA-2026:3516
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3516

reference_url	https://access.redhat.com/errata/RHSA-2026:3517
reference_id	RHSA-2026:3517
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3517

reference_url	https://access.redhat.com/errata/RHSA-2026:3967
reference_id	RHSA-2026:3967
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3967

reference_url	https://access.redhat.com/errata/RHSA-2026:3976
reference_id	RHSA-2026:3976
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3976

reference_url	https://access.redhat.com/errata/RHSA-2026:3978
reference_id	RHSA-2026:3978
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3978

reference_url	https://access.redhat.com/errata/RHSA-2026:3979
reference_id	RHSA-2026:3979
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3979

reference_url	https://access.redhat.com/errata/RHSA-2026:3980
reference_id	RHSA-2026:3980
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3980

reference_url	https://access.redhat.com/errata/RHSA-2026:3981
reference_id	RHSA-2026:3981
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3981

reference_url	https://access.redhat.com/errata/RHSA-2026:3982
reference_id	RHSA-2026:3982
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3982

reference_url	https://access.redhat.com/errata/RHSA-2026:3983
reference_id	RHSA-2026:3983
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3983

reference_url	https://access.redhat.com/errata/RHSA-2026:3984
reference_id	RHSA-2026:3984
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3984

reference_url	https://access.redhat.com/errata/RHSA-2026:4022
reference_id	RHSA-2026:4022
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4022

reference_url	https://access.redhat.com/errata/RHSA-2026:4152
reference_id	RHSA-2026:4152
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4152

reference_url	https://access.redhat.com/errata/RHSA-2026:4260
reference_id	RHSA-2026:4260
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4260

reference_url	https://access.redhat.com/errata/RHSA-2026:4432
reference_id	RHSA-2026:4432
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4432

reference_url	https://access.redhat.com/errata/RHSA-2026:4447
reference_id	RHSA-2026:4447
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4447

reference_url	https://access.redhat.com/errata/RHSA-2026:4629
reference_id	RHSA-2026:4629
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4629

reference_url	https://access.redhat.com/errata/RHSA-2026:5227
reference_id	RHSA-2026:5227
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5227

reference_url	https://access.redhat.com/errata/RHSA-2026:5228
reference_id	RHSA-2026:5228
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5228

reference_url	https://access.redhat.com/errata/RHSA-2026:5229
reference_id	RHSA-2026:5229
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5229

reference_url	https://access.redhat.com/errata/RHSA-2026:5230
reference_id	RHSA-2026:5230
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5230

reference_url	https://access.redhat.com/errata/RHSA-2026:5231
reference_id	RHSA-2026:5231
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5231

reference_url	https://access.redhat.com/errata/RHSA-2026:5319
reference_id	RHSA-2026:5319
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5319

reference_url	https://access.redhat.com/errata/RHSA-2026:5320
reference_id	RHSA-2026:5320
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5320

reference_url	https://access.redhat.com/errata/RHSA-2026:5323
reference_id	RHSA-2026:5323
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5323

reference_url	https://access.redhat.com/errata/RHSA-2026:5324
reference_id	RHSA-2026:5324
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5324

reference_url	https://access.redhat.com/errata/RHSA-2026:5326
reference_id	RHSA-2026:5326
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5326

reference_url

https://bugzilla.mozilla.org/show_bug.cgi?id=2014390

reference_id

show_bug.cgi?id=2014390

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-17T14:52:59Z/

url

https://bugzilla.mozilla.org/show_bug.cgi?id=2014390

reference_url	https://usn.ubuntu.com/8053-1/
reference_id	USN-8053-1
reference_type
scores
url	https://usn.ubuntu.com/8053-1/

fixed_packages

url	pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3?distro=trixie
purl	pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.9.0-1%252Bdeb11u3%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u5?distro=trixie
purl	pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.9.0-1%252Bdeb11u5%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.12.0-1%2Bdeb12u4?distro=trixie
purl	pkg:deb/debian/libvpx@1.12.0-1%2Bdeb12u4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.12.0-1%252Bdeb12u4%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.12.0-1%2Bdeb12u5?distro=trixie
purl	pkg:deb/debian/libvpx@1.12.0-1%2Bdeb12u5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.12.0-1%252Bdeb12u5%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.15.0-2.1%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/libvpx@1.15.0-2.1%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.15.0-2.1%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.16.0-3?distro=trixie
purl	pkg:deb/debian/libvpx@1.16.0-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.16.0-3%3Fdistro=trixie

aliases CVE-2026-2447

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8vka-qus2-tbhj

url VCID-98mt-7srw-qfh4

vulnerability_id VCID-98mt-7srw-qfh4

summary A vulnerability has been discovered in libvpx, which could lead to execution of arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5283.json

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5283.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-5283

reference_id

reference_type

scores

value	0.00273
scoring_system	epss
scoring_elements	0.50758
published_at	2026-04-16T12:55:00Z

value	0.00273
scoring_system	epss
scoring_elements	0.50733
published_at	2026-04-12T12:55:00Z

value	0.00273
scoring_system	epss
scoring_elements	0.50756
published_at	2026-04-11T12:55:00Z

value	0.00273
scoring_system	epss
scoring_elements	0.50714
published_at	2026-04-09T12:55:00Z

value	0.00273
scoring_system	epss
scoring_elements	0.50681
published_at	2026-04-02T12:55:00Z

value	0.00273
scoring_system	epss
scoring_elements	0.50663
published_at	2026-04-07T12:55:00Z

value	0.00273
scoring_system	epss
scoring_elements	0.50718
published_at	2026-04-13T12:55:00Z

value	0.00273
scoring_system	epss
scoring_elements	0.50707
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-5283

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5283
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5283

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1106689
reference_id	1106689
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1106689

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2368749
reference_id	2368749
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2368749

reference_url

https://issues.chromium.org/issues/419467315

reference_id

419467315

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-28T13:25:59Z/

url

https://issues.chromium.org/issues/419467315

reference_url	https://security.gentoo.org/glsa/202509-07
reference_id	GLSA-202509-07
reference_type
scores
url	https://security.gentoo.org/glsa/202509-07

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-42

reference_id

mfsa2025-42

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-42

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-43

reference_id

mfsa2025-43

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-43

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-44

reference_id

mfsa2025-44

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-44

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-45

reference_id

mfsa2025-45

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-45

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-46

reference_id

mfsa2025-46

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2025-46

reference_url	https://access.redhat.com/errata/RHSA-2025:8293
reference_id	RHSA-2025:8293
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8293

reference_url	https://access.redhat.com/errata/RHSA-2025:8308
reference_id	RHSA-2025:8308
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8308

reference_url	https://access.redhat.com/errata/RHSA-2025:8341
reference_id	RHSA-2025:8341
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8341

reference_url	https://access.redhat.com/errata/RHSA-2025:8598
reference_id	RHSA-2025:8598
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8598

reference_url	https://access.redhat.com/errata/RHSA-2025:8599
reference_id	RHSA-2025:8599
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8599

reference_url	https://access.redhat.com/errata/RHSA-2025:8607
reference_id	RHSA-2025:8607
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8607

reference_url	https://access.redhat.com/errata/RHSA-2025:8608
reference_id	RHSA-2025:8608
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8608

reference_url	https://access.redhat.com/errata/RHSA-2025:8628
reference_id	RHSA-2025:8628
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8628

reference_url	https://access.redhat.com/errata/RHSA-2025:8629
reference_id	RHSA-2025:8629
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8629

reference_url	https://access.redhat.com/errata/RHSA-2025:8630
reference_id	RHSA-2025:8630
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8630

reference_url	https://access.redhat.com/errata/RHSA-2025:8631
reference_id	RHSA-2025:8631
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8631

reference_url	https://access.redhat.com/errata/RHSA-2025:8642
reference_id	RHSA-2025:8642
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8642

reference_url	https://access.redhat.com/errata/RHSA-2025:8756
reference_id	RHSA-2025:8756
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8756

reference_url	https://access.redhat.com/errata/RHSA-2025:9071
reference_id	RHSA-2025:9071
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9071

reference_url	https://access.redhat.com/errata/RHSA-2025:9072
reference_id	RHSA-2025:9072
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9072

reference_url	https://access.redhat.com/errata/RHSA-2025:9073
reference_id	RHSA-2025:9073
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9073

reference_url	https://access.redhat.com/errata/RHSA-2025:9074
reference_id	RHSA-2025:9074
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9074

reference_url	https://access.redhat.com/errata/RHSA-2025:9075
reference_id	RHSA-2025:9075
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9075

reference_url	https://access.redhat.com/errata/RHSA-2025:9076
reference_id	RHSA-2025:9076
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9076

reference_url	https://access.redhat.com/errata/RHSA-2025:9077
reference_id	RHSA-2025:9077
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9077

reference_url	https://access.redhat.com/errata/RHSA-2025:9118
reference_id	RHSA-2025:9118
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9118

reference_url	https://access.redhat.com/errata/RHSA-2025:9119
reference_id	RHSA-2025:9119
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9119

reference_url	https://access.redhat.com/errata/RHSA-2025:9120
reference_id	RHSA-2025:9120
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9120

reference_url	https://access.redhat.com/errata/RHSA-2025:9122
reference_id	RHSA-2025:9122
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9122

reference_url	https://access.redhat.com/errata/RHSA-2025:9123
reference_id	RHSA-2025:9123
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9123

reference_url	https://access.redhat.com/errata/RHSA-2025:9124
reference_id	RHSA-2025:9124
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9124

reference_url	https://access.redhat.com/errata/RHSA-2025:9125
reference_id	RHSA-2025:9125
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9125

reference_url	https://access.redhat.com/errata/RHSA-2025:9126
reference_id	RHSA-2025:9126
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9126

reference_url	https://access.redhat.com/errata/RHSA-2025:9127
reference_id	RHSA-2025:9127
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9127

reference_url	https://access.redhat.com/errata/RHSA-2025:9128
reference_id	RHSA-2025:9128
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9128

reference_url	https://access.redhat.com/errata/RHSA-2025:9155
reference_id	RHSA-2025:9155
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9155

reference_url	https://access.redhat.com/errata/RHSA-2025:9331
reference_id	RHSA-2025:9331
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9331

reference_url

https://chromereleases.googleblog.com/2025/05/stable-channel-update-for-desktop_27.html

reference_id

stable-channel-update-for-desktop_27.html

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-28T13:25:59Z/

url

https://chromereleases.googleblog.com/2025/05/stable-channel-update-for-desktop_27.html

reference_url	https://usn.ubuntu.com/7551-1/
reference_id	USN-7551-1
reference_type
scores
url	https://usn.ubuntu.com/7551-1/

reference_url	https://usn.ubuntu.com/7991-1/
reference_id	USN-7991-1
reference_type
scores
url	https://usn.ubuntu.com/7991-1/

fixed_packages

url	pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3?distro=trixie
purl	pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.9.0-1%252Bdeb11u3%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u4?distro=trixie
purl	pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.9.0-1%252Bdeb11u4%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.12.0-1%2Bdeb12u4?distro=trixie
purl	pkg:deb/debian/libvpx@1.12.0-1%2Bdeb12u4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.12.0-1%252Bdeb12u4%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.15.0-2.1?distro=trixie
purl	pkg:deb/debian/libvpx@1.15.0-2.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.15.0-2.1%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.15.0-2.1%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/libvpx@1.15.0-2.1%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.15.0-2.1%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.16.0-3?distro=trixie
purl	pkg:deb/debian/libvpx@1.16.0-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.16.0-3%3Fdistro=trixie

aliases CVE-2025-5283

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-98mt-7srw-qfh4

url VCID-d1xs-2tfm-2ud6

vulnerability_id VCID-d1xs-2tfm-2ud6

summary libvpx: Signedness error in partition size check

references

reference_url	http://code.google.com/p/chromium/issues/detail?id=61653
reference_id
reference_type
scores
url	http://code.google.com/p/chromium/issues/detail?id=61653

reference_url	http://googlechromereleases.blogspot.com/2010/12/stable-beta-channel-updates.html
reference_id
reference_type
scores
url	http://googlechromereleases.blogspot.com/2010/12/stable-beta-channel-updates.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4489.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4489.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2010-4489

reference_id

reference_type

scores

value	0.00763
scoring_system	epss
scoring_elements	0.73439
published_at	2026-04-16T12:55:00Z

value	0.00763
scoring_system	epss
scoring_elements	0.73345
published_at	2026-04-01T12:55:00Z

value	0.00763
scoring_system	epss
scoring_elements	0.73355
published_at	2026-04-02T12:55:00Z

value	0.00763
scoring_system	epss
scoring_elements	0.73378
published_at	2026-04-04T12:55:00Z

value	0.00763
scoring_system	epss
scoring_elements	0.7335
published_at	2026-04-07T12:55:00Z

value	0.00763
scoring_system	epss
scoring_elements	0.73387
published_at	2026-04-08T12:55:00Z

value	0.00763
scoring_system	epss
scoring_elements	0.73401
published_at	2026-04-09T12:55:00Z

value	0.00763
scoring_system	epss
scoring_elements	0.73424
published_at	2026-04-11T12:55:00Z

value	0.00763
scoring_system	epss
scoring_elements	0.73404
published_at	2026-04-12T12:55:00Z

value	0.00763
scoring_system	epss
scoring_elements	0.73396
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2010-4489

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4489
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4489

reference_url	http://secunia.com/advisories/42472
reference_id
reference_type
scores
url	http://secunia.com/advisories/42472

reference_url	http://secunia.com/advisories/43728
reference_id
reference_type
scores
url	http://secunia.com/advisories/43728

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11919
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11919

reference_url	http://www.ubuntu.com/usn/USN-1087-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-1087-1

reference_url	http://www.vupen.com/english/advisories/2011/0662
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2011/0662

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=610510
reference_id	610510
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=610510

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=670840
reference_id	670840
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=670840

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome::::::::
reference_id	cpe:2.3:a:google:chrome::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2010-4489

reference_id

CVE-2010-4489

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2010-4489

reference_url	https://usn.ubuntu.com/1087-1/
reference_id	USN-1087-1
reference_type
scores
url	https://usn.ubuntu.com/1087-1/

fixed_packages

url	pkg:deb/debian/libvpx@0.9.5-1?distro=trixie
purl	pkg:deb/debian/libvpx@0.9.5-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@0.9.5-1%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3?distro=trixie
purl	pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.9.0-1%252Bdeb11u3%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.12.0-1%2Bdeb12u4?distro=trixie
purl	pkg:deb/debian/libvpx@1.12.0-1%2Bdeb12u4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.12.0-1%252Bdeb12u4%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.15.0-2.1%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/libvpx@1.15.0-2.1%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.15.0-2.1%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.16.0-3?distro=trixie
purl	pkg:deb/debian/libvpx@1.16.0-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.16.0-3%3Fdistro=trixie

aliases CVE-2010-4489

risk_score 1.9

exploitability 0.5

weighted_severity 3.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-d1xs-2tfm-2ud6

url VCID-djwx-su1m-57h4

vulnerability_id VCID-djwx-su1m-57h4

summary

Multiple vulnerabilities have been found in libvpx, the worst of
    which could result in the execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00049.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00049.html

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9433.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9433.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-9433

reference_id

reference_type

scores

value	0.08604
scoring_system	epss
scoring_elements	0.92385
published_at	2026-04-01T12:55:00Z

value	0.08604
scoring_system	epss
scoring_elements	0.92436
published_at	2026-04-16T12:55:00Z

value	0.08604
scoring_system	epss
scoring_elements	0.92419
published_at	2026-04-09T12:55:00Z

value	0.08604
scoring_system	epss
scoring_elements	0.92425
published_at	2026-04-13T12:55:00Z

value	0.08604
scoring_system	epss
scoring_elements	0.92427
published_at	2026-04-12T12:55:00Z

value	0.08604
scoring_system	epss
scoring_elements	0.92392
published_at	2026-04-02T12:55:00Z

value	0.08604
scoring_system	epss
scoring_elements	0.92399
published_at	2026-04-04T12:55:00Z

value	0.08604
scoring_system	epss
scoring_elements	0.92403
published_at	2026-04-07T12:55:00Z

value	0.08604
scoring_system	epss
scoring_elements	0.92415
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-9433

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9232
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9232

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9325
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9325

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9433
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9433

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2019/11/msg00030.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2019/11/msg00030.html

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DQSTK442ATWJOR4TU3MR6C3N5A6NDFFN/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DQSTK442ATWJOR4TU3MR6C3N5A6NDFFN/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U2IIA3RSYABBUCFIHXIRVUT5CTJVWWZ6/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U2IIA3RSYABBUCFIHXIRVUT5CTJVWWZ6/

reference_url	https://seclists.org/bugtraq/2019/Nov/43
reference_id
reference_type
scores
url	https://seclists.org/bugtraq/2019/Nov/43

reference_url	https://source.android.com/security/bulletin/android-10
reference_id
reference_type
scores
url	https://source.android.com/security/bulletin/android-10

reference_url	https://www.debian.org/security/2019/dsa-4578
reference_id
reference_type
scores
url	https://www.debian.org/security/2019/dsa-4578

reference_url	http://www.openwall.com/lists/oss-security/2019/10/25/17
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2019/10/25/17

reference_url	http://www.openwall.com/lists/oss-security/2019/10/27/1
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2019/10/27/1

reference_url	http://www.openwall.com/lists/oss-security/2019/11/07/1
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2019/11/07/1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1788994
reference_id	1788994
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1788994

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:19.04:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:10.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:30:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:31:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:10.0:::::::*
reference_id	cpe:2.3:o:google:android:10.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:10.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:15.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-9433

reference_id

CVE-2019-9433

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:N/A:N

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2019-9433

reference_url	https://security.gentoo.org/glsa/202003-59
reference_id	GLSA-202003-59
reference_type
scores
url	https://security.gentoo.org/glsa/202003-59

reference_url	https://access.redhat.com/errata/RHSA-2020:3876
reference_id	RHSA-2020:3876
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3876

reference_url	https://access.redhat.com/errata/RHSA-2020:4629
reference_id	RHSA-2020:4629
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4629

reference_url	https://usn.ubuntu.com/4199-1/
reference_id	USN-4199-1
reference_type
scores
url	https://usn.ubuntu.com/4199-1/

reference_url	https://usn.ubuntu.com/4199-2/
reference_id	USN-4199-2
reference_type
scores
url	https://usn.ubuntu.com/4199-2/

fixed_packages

url	pkg:deb/debian/libvpx@1.8.1-2?distro=trixie
purl	pkg:deb/debian/libvpx@1.8.1-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.8.1-2%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3?distro=trixie
purl	pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.9.0-1%252Bdeb11u3%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.12.0-1%2Bdeb12u4?distro=trixie
purl	pkg:deb/debian/libvpx@1.12.0-1%2Bdeb12u4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.12.0-1%252Bdeb12u4%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.15.0-2.1%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/libvpx@1.15.0-2.1%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.15.0-2.1%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.16.0-3?distro=trixie
purl	pkg:deb/debian/libvpx@1.16.0-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.16.0-3%3Fdistro=trixie

aliases CVE-2019-9433

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-djwx-su1m-57h4

url VCID-f81v-9fv8-93cd

vulnerability_id VCID-f81v-9fv8-93cd

summary

Out-of-bounds Write
Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5217.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5217.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-5217

reference_id

reference_type

scores

value	0.03573
scoring_system	epss
scoring_elements	0.87728
published_at	2026-04-09T12:55:00Z

value	0.03573
scoring_system	epss
scoring_elements	0.87722
published_at	2026-04-08T12:55:00Z

value	0.03573
scoring_system	epss
scoring_elements	0.8774
published_at	2026-04-11T12:55:00Z

value	0.03573
scoring_system	epss
scoring_elements	0.87733
published_at	2026-04-12T12:55:00Z

value	0.03573
scoring_system	epss
scoring_elements	0.87731
published_at	2026-04-13T12:55:00Z

value	0.03573
scoring_system	epss
scoring_elements	0.87745
published_at	2026-04-16T12:55:00Z

value	0.049
scoring_system	epss
scoring_elements	0.89576
published_at	2026-04-07T12:55:00Z

value	0.049
scoring_system	epss
scoring_elements	0.89562
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-5217

reference_url

https://arstechnica.com/security/2023/09/new-0-day-in-chrome-and-firefox-is-likely-to-plague-other-software

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://arstechnica.com/security/2023/09/new-0-day-in-chrome-and-firefox-is-likely-to-plague-other-software

reference_url

https://arstechnica.com/security/2023/09/new-0-day-in-chrome-and-firefox-is-likely-to-plague-other-software/

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

https://arstechnica.com/security/2023/09/new-0-day-in-chrome-and-firefox-is-likely-to-plague-other-software/

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2241191

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2241191

reference_url

https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_27.html

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_27.html

reference_url

https://crbug.com/1486441

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

https://crbug.com/1486441

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5169
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5169

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5171
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5171

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5176
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5176

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5186
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5186

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5187
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5187

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5217
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5217

reference_url

http://seclists.org/fulldisclosure/2023/Oct/12

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

http://seclists.org/fulldisclosure/2023/Oct/12

reference_url

http://seclists.org/fulldisclosure/2023/Oct/16

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

http://seclists.org/fulldisclosure/2023/Oct/16

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/electron/electron

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/electron/electron

reference_url

https://github.com/electron/electron/pull/40022

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/electron/electron/pull/40022

reference_url

https://github.com/electron/electron/pull/40023

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/electron/electron/pull/40023

reference_url

https://github.com/electron/electron/pull/40024

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/electron/electron/pull/40024

reference_url

https://github.com/electron/electron/pull/40025

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/electron/electron/pull/40025

reference_url

https://github.com/electron/electron/pull/40026

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/electron/electron/pull/40026

reference_url

https://github.com/electron/electron/releases/tag/v22.3.25

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/electron/electron/releases/tag/v22.3.25

reference_url

https://github.com/electron/electron/releases/tag/v24.8.5

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/electron/electron/releases/tag/v24.8.5

reference_url

https://github.com/electron/electron/releases/tag/v25.8.4

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/electron/electron/releases/tag/v25.8.4

reference_url

https://github.com/electron/electron/releases/tag/v26.2.4

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/electron/electron/releases/tag/v26.2.4

reference_url

https://github.com/electron/electron/releases/tag/v27.0.0-beta.8

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/electron/electron/releases/tag/v27.0.0-beta.8

reference_url

https://github.com/webmproject/libvpx/commit/3fbd1dca6a4d2dad332a2110d646e4ffef36d590

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

https://github.com/webmproject/libvpx/commit/3fbd1dca6a4d2dad332a2110d646e4ffef36d590

reference_url

https://github.com/webmproject/libvpx/commit/af6dedd715f4307669366944cca6e0417b290282

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

https://github.com/webmproject/libvpx/commit/af6dedd715f4307669366944cca6e0417b290282

reference_url

https://github.com/webmproject/libvpx/releases/tag/v1.13.1

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

https://github.com/webmproject/libvpx/releases/tag/v1.13.1

reference_url

https://github.com/webmproject/libvpx/tags

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

https://github.com/webmproject/libvpx/tags

reference_url

https://lists.debian.org/debian-lts-announce/2023/09/msg00038.html

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

https://lists.debian.org/debian-lts-announce/2023/09/msg00038.html

reference_url

https://lists.debian.org/debian-lts-announce/2023/10/msg00001.html

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

https://lists.debian.org/debian-lts-announce/2023/10/msg00001.html

reference_url

https://lists.debian.org/debian-lts-announce/2023/10/msg00015.html

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

https://lists.debian.org/debian-lts-announce/2023/10/msg00015.html

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MFWDFJSSIFKWKNOCTQCFUNZWAXUCSS4

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MFWDFJSSIFKWKNOCTQCFUNZWAXUCSS4

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MFWDFJSSIFKWKNOCTQCFUNZWAXUCSS4/

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MFWDFJSSIFKWKNOCTQCFUNZWAXUCSS4/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/55YVCZNAVY3Y5E4DWPWMX2SPKZ2E5SOV

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/55YVCZNAVY3Y5E4DWPWMX2SPKZ2E5SOV

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/55YVCZNAVY3Y5E4DWPWMX2SPKZ2E5SOV/

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/55YVCZNAVY3Y5E4DWPWMX2SPKZ2E5SOV/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AY642Z6JZODQJE7Z62CFREVUHEGCXGPD

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AY642Z6JZODQJE7Z62CFREVUHEGCXGPD

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BCVSHVX2RFBU3RMCUFSATVQEJUFD4Q63

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BCVSHVX2RFBU3RMCUFSATVQEJUFD4Q63

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BCVSHVX2RFBU3RMCUFSATVQEJUFD4Q63/

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BCVSHVX2RFBU3RMCUFSATVQEJUFD4Q63/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWEJYS5NC7KVFYU3OAMPKQDYN6JQGVK6

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWEJYS5NC7KVFYU3OAMPKQDYN6JQGVK6

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWEJYS5NC7KVFYU3OAMPKQDYN6JQGVK6/

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWEJYS5NC7KVFYU3OAMPKQDYN6JQGVK6/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TE7F54W5O5RS4ZMAAC7YK3CZWQXIDSKB

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TE7F54W5O5RS4ZMAAC7YK3CZWQXIDSKB

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTRUIS3564P7ZLM2S2IH4Y4KZ327LI4I

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTRUIS3564P7ZLM2S2IH4Y4KZ327LI4I

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTRUIS3564P7ZLM2S2IH4Y4KZ327LI4I/

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTRUIS3564P7ZLM2S2IH4Y4KZ327LI4I/

reference_url

https://pastebin.com/TdkC4pDv

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

https://pastebin.com/TdkC4pDv

reference_url

https://security.gentoo.org/glsa/202310-04

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

https://security.gentoo.org/glsa/202310-04

reference_url

https://security.gentoo.org/glsa/202401-34

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

https://security.gentoo.org/glsa/202401-34

reference_url

https://stackdiary.com/google-discloses-a-webm-vp8-bug-tracked-as-cve-2023-5217

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://stackdiary.com/google-discloses-a-webm-vp8-bug-tracked-as-cve-2023-5217

reference_url

https://stackdiary.com/google-discloses-a-webm-vp8-bug-tracked-as-cve-2023-5217/

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

https://stackdiary.com/google-discloses-a-webm-vp8-bug-tracked-as-cve-2023-5217/

reference_url

https://support.apple.com/kb/HT213961

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

https://support.apple.com/kb/HT213961

reference_url

https://support.apple.com/kb/HT213972

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

https://support.apple.com/kb/HT213972

reference_url

https://twitter.com/maddiestone/status/1707163313711497266

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

https://twitter.com/maddiestone/status/1707163313711497266

reference_url

https://www.debian.org/security/2023/dsa-5508

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

https://www.debian.org/security/2023/dsa-5508

reference_url

https://www.debian.org/security/2023/dsa-5509

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

https://www.debian.org/security/2023/dsa-5509

reference_url

https://www.debian.org/security/2023/dsa-5510

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

https://www.debian.org/security/2023/dsa-5510

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-44

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	critical
scoring_system	generic_textual
scoring_elements

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-44

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-44/

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

https://www.mozilla.org/en-US/security/advisories/mfsa2023-44/

reference_url

https://www.openwall.com/lists/oss-security/2023/09/28/5

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

https://www.openwall.com/lists/oss-security/2023/09/28/5

reference_url

http://www.openwall.com/lists/oss-security/2023/09/28/5

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

http://www.openwall.com/lists/oss-security/2023/09/28/5

reference_url

http://www.openwall.com/lists/oss-security/2023/09/28/6

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

http://www.openwall.com/lists/oss-security/2023/09/28/6

reference_url

http://www.openwall.com/lists/oss-security/2023/09/29/1

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

http://www.openwall.com/lists/oss-security/2023/09/29/1

reference_url

http://www.openwall.com/lists/oss-security/2023/09/29/11

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

http://www.openwall.com/lists/oss-security/2023/09/29/11

reference_url

http://www.openwall.com/lists/oss-security/2023/09/29/12

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

http://www.openwall.com/lists/oss-security/2023/09/29/12

reference_url

http://www.openwall.com/lists/oss-security/2023/09/29/14

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

http://www.openwall.com/lists/oss-security/2023/09/29/14

reference_url

http://www.openwall.com/lists/oss-security/2023/09/29/2

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

http://www.openwall.com/lists/oss-security/2023/09/29/2

reference_url

http://www.openwall.com/lists/oss-security/2023/09/29/7

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

http://www.openwall.com/lists/oss-security/2023/09/29/7

reference_url

http://www.openwall.com/lists/oss-security/2023/09/29/9

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

http://www.openwall.com/lists/oss-security/2023/09/29/9

reference_url

http://www.openwall.com/lists/oss-security/2023/09/30/1

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

http://www.openwall.com/lists/oss-security/2023/09/30/1

reference_url

http://www.openwall.com/lists/oss-security/2023/09/30/2

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

http://www.openwall.com/lists/oss-security/2023/09/30/2

reference_url

http://www.openwall.com/lists/oss-security/2023/09/30/3

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

http://www.openwall.com/lists/oss-security/2023/09/30/3

reference_url

http://www.openwall.com/lists/oss-security/2023/09/30/4

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

http://www.openwall.com/lists/oss-security/2023/09/30/4

reference_url

http://www.openwall.com/lists/oss-security/2023/09/30/5

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

http://www.openwall.com/lists/oss-security/2023/09/30/5

reference_url

http://www.openwall.com/lists/oss-security/2023/10/01/1

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

http://www.openwall.com/lists/oss-security/2023/10/01/1

reference_url

http://www.openwall.com/lists/oss-security/2023/10/01/2

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

http://www.openwall.com/lists/oss-security/2023/10/01/2

reference_url

http://www.openwall.com/lists/oss-security/2023/10/01/5

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

http://www.openwall.com/lists/oss-security/2023/10/01/5

reference_url

http://www.openwall.com/lists/oss-security/2023/10/02/6

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

http://www.openwall.com/lists/oss-security/2023/10/02/6

reference_url

http://www.openwall.com/lists/oss-security/2023/10/03/11

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

http://www.openwall.com/lists/oss-security/2023/10/03/11

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053182
reference_id	1053182
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053182

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AY642Z6JZODQJE7Z62CFREVUHEGCXGPD/

reference_id

AY642Z6JZODQJE7Z62CFREVUHEGCXGPD

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AY642Z6JZODQJE7Z62CFREVUHEGCXGPD/

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2023-5217

reference_id

CVE-2023-5217

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2023-5217

reference_url

https://security-tracker.debian.org/tracker/CVE-2023-5217

reference_id

CVE-2023-5217

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

https://security-tracker.debian.org/tracker/CVE-2023-5217

reference_url

https://github.com/advisories/GHSA-qqvq-6xgj-jw8g

reference_id

GHSA-qqvq-6xgj-jw8g

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-qqvq-6xgj-jw8g

reference_url	https://access.redhat.com/errata/RHSA-2023:5426
reference_id	RHSA-2023:5426
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5426

reference_url	https://access.redhat.com/errata/RHSA-2023:5427
reference_id	RHSA-2023:5427
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5427

reference_url	https://access.redhat.com/errata/RHSA-2023:5428
reference_id	RHSA-2023:5428
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5428

reference_url	https://access.redhat.com/errata/RHSA-2023:5429
reference_id	RHSA-2023:5429
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5429

reference_url	https://access.redhat.com/errata/RHSA-2023:5430
reference_id	RHSA-2023:5430
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5430

reference_url	https://access.redhat.com/errata/RHSA-2023:5432
reference_id	RHSA-2023:5432
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5432

reference_url	https://access.redhat.com/errata/RHSA-2023:5433
reference_id	RHSA-2023:5433
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5433

reference_url	https://access.redhat.com/errata/RHSA-2023:5434
reference_id	RHSA-2023:5434
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5434

reference_url	https://access.redhat.com/errata/RHSA-2023:5435
reference_id	RHSA-2023:5435
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5435

reference_url	https://access.redhat.com/errata/RHSA-2023:5436
reference_id	RHSA-2023:5436
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5436

reference_url	https://access.redhat.com/errata/RHSA-2023:5437
reference_id	RHSA-2023:5437
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5437

reference_url	https://access.redhat.com/errata/RHSA-2023:5438
reference_id	RHSA-2023:5438
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5438

reference_url	https://access.redhat.com/errata/RHSA-2023:5439
reference_id	RHSA-2023:5439
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5439

reference_url	https://access.redhat.com/errata/RHSA-2023:5440
reference_id	RHSA-2023:5440
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5440

reference_url	https://access.redhat.com/errata/RHSA-2023:5475
reference_id	RHSA-2023:5475
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5475

reference_url	https://access.redhat.com/errata/RHSA-2023:5477
reference_id	RHSA-2023:5477
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5477

100

reference_url	https://access.redhat.com/errata/RHSA-2023:5534
reference_id	RHSA-2023:5534
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5534

101

reference_url	https://access.redhat.com/errata/RHSA-2023:5535
reference_id	RHSA-2023:5535
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5535

102

reference_url	https://access.redhat.com/errata/RHSA-2023:5536
reference_id	RHSA-2023:5536
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5536

103

reference_url	https://access.redhat.com/errata/RHSA-2023:5537
reference_id	RHSA-2023:5537
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5537

104

reference_url	https://access.redhat.com/errata/RHSA-2023:5538
reference_id	RHSA-2023:5538
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5538

105

reference_url	https://access.redhat.com/errata/RHSA-2023:5539
reference_id	RHSA-2023:5539
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5539

106

reference_url	https://access.redhat.com/errata/RHSA-2023:5540
reference_id	RHSA-2023:5540
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5540

107

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TE7F54W5O5RS4ZMAAC7YK3CZWQXIDSKB/

reference_id

TE7F54W5O5RS4ZMAAC7YK3CZWQXIDSKB

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2023-11-15T16:38:17Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TE7F54W5O5RS4ZMAAC7YK3CZWQXIDSKB/

108

reference_url	https://usn.ubuntu.com/6403-1/
reference_id	USN-6403-1
reference_type
scores
url	https://usn.ubuntu.com/6403-1/

109

reference_url	https://usn.ubuntu.com/6403-2/
reference_id	USN-6403-2
reference_type
scores
url	https://usn.ubuntu.com/6403-2/

110

reference_url	https://usn.ubuntu.com/6403-3/
reference_id	USN-6403-3
reference_type
scores
url	https://usn.ubuntu.com/6403-3/

111

reference_url	https://usn.ubuntu.com/6404-1/
reference_id	USN-6404-1
reference_type
scores
url	https://usn.ubuntu.com/6404-1/

112

reference_url	https://usn.ubuntu.com/6405-1/
reference_id	USN-6405-1
reference_type
scores
url	https://usn.ubuntu.com/6405-1/

113

reference_url	https://usn.ubuntu.com/7172-1/
reference_id	USN-7172-1
reference_type
scores
url	https://usn.ubuntu.com/7172-1/

fixed_packages

url	pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.9.0-1%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3?distro=trixie
purl	pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.9.0-1%252Bdeb11u3%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.12.0-1%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/libvpx@1.12.0-1%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.12.0-1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.12.0-1%2Bdeb12u4?distro=trixie
purl	pkg:deb/debian/libvpx@1.12.0-1%2Bdeb12u4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.12.0-1%252Bdeb12u4%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.12.0-1.1?distro=trixie
purl	pkg:deb/debian/libvpx@1.12.0-1.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.12.0-1.1%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.15.0-2.1%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/libvpx@1.15.0-2.1%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.15.0-2.1%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.16.0-3?distro=trixie
purl	pkg:deb/debian/libvpx@1.16.0-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.16.0-3%3Fdistro=trixie

aliases CVE-2023-5217, GHSA-qqvq-6xgj-jw8g

risk_score 10.0

exploitability 2.0

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-f81v-9fv8-93cd

url VCID-hhsp-7swr-qybd

vulnerability_id VCID-hhsp-7swr-qybd

summary security update

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13194.json

reference_id

reference_type

scores

value	3.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13194.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-13194

reference_id

reference_type

scores

value	0.01253
scoring_system	epss
scoring_elements	0.79307
published_at	2026-04-01T12:55:00Z

value	0.01253
scoring_system	epss
scoring_elements	0.79314
published_at	2026-04-02T12:55:00Z

value	0.01253
scoring_system	epss
scoring_elements	0.79337
published_at	2026-04-04T12:55:00Z

value	0.01253
scoring_system	epss
scoring_elements	0.79323
published_at	2026-04-07T12:55:00Z

value	0.01253
scoring_system	epss
scoring_elements	0.79349
published_at	2026-04-08T12:55:00Z

value	0.01253
scoring_system	epss
scoring_elements	0.79358
published_at	2026-04-09T12:55:00Z

value	0.01253
scoring_system	epss
scoring_elements	0.79381
published_at	2026-04-11T12:55:00Z

value	0.01253
scoring_system	epss
scoring_elements	0.79366
published_at	2026-04-12T12:55:00Z

value	0.01253
scoring_system	epss
scoring_elements	0.79356
published_at	2026-04-13T12:55:00Z

value	0.01253
scoring_system	epss
scoring_elements	0.79382
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-13194

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13194
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13194

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.6
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1535183
reference_id	1535183
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1535183

reference_url	https://usn.ubuntu.com/4199-1/
reference_id	USN-4199-1
reference_type
scores
url	https://usn.ubuntu.com/4199-1/

reference_url	https://usn.ubuntu.com/4199-2/
reference_id	USN-4199-2
reference_type
scores
url	https://usn.ubuntu.com/4199-2/

fixed_packages

url	pkg:deb/debian/libvpx@1.7.0-2?distro=trixie
purl	pkg:deb/debian/libvpx@1.7.0-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.7.0-2%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3?distro=trixie
purl	pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.9.0-1%252Bdeb11u3%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.12.0-1%2Bdeb12u4?distro=trixie
purl	pkg:deb/debian/libvpx@1.12.0-1%2Bdeb12u4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.12.0-1%252Bdeb12u4%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.15.0-2.1%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/libvpx@1.15.0-2.1%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.15.0-2.1%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.16.0-3?distro=trixie
purl	pkg:deb/debian/libvpx@1.16.0-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.16.0-3%3Fdistro=trixie

aliases CVE-2017-13194

risk_score 1.6

exploitability 0.5

weighted_severity 3.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hhsp-7swr-qybd

url VCID-hkfy-wbqn-sba8

vulnerability_id VCID-hkfy-wbqn-sba8

summary A remote denial of service vulnerability in libvpx in Mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-11-01 could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High due to the possibility of remote denial of service. Android ID: A-30593752.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-6712

reference_id

reference_type

scores

value	0.00192
scoring_system	epss
scoring_elements	0.41071
published_at	2026-04-01T12:55:00Z

value	0.00192
scoring_system	epss
scoring_elements	0.41163
published_at	2026-04-02T12:55:00Z

value	0.00192
scoring_system	epss
scoring_elements	0.41194
published_at	2026-04-04T12:55:00Z

value	0.00192
scoring_system	epss
scoring_elements	0.41121
published_at	2026-04-07T12:55:00Z

value	0.00192
scoring_system	epss
scoring_elements	0.41169
published_at	2026-04-08T12:55:00Z

value	0.00192
scoring_system	epss
scoring_elements	0.41177
published_at	2026-04-09T12:55:00Z

value	0.00192
scoring_system	epss
scoring_elements	0.41197
published_at	2026-04-11T12:55:00Z

value	0.00192
scoring_system	epss
scoring_elements	0.41164
published_at	2026-04-12T12:55:00Z

value	0.00192
scoring_system	epss
scoring_elements	0.4115
published_at	2026-04-13T12:55:00Z

value	0.00192
scoring_system	epss
scoring_elements	0.41193
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-6712

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6712
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6712

fixed_packages

url	pkg:deb/debian/libvpx@1.6.1-1?distro=trixie
purl	pkg:deb/debian/libvpx@1.6.1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.6.1-1%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3?distro=trixie
purl	pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.9.0-1%252Bdeb11u3%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.12.0-1%2Bdeb12u4?distro=trixie
purl	pkg:deb/debian/libvpx@1.12.0-1%2Bdeb12u4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.12.0-1%252Bdeb12u4%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.15.0-2.1%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/libvpx@1.15.0-2.1%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.15.0-2.1%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.16.0-3?distro=trixie
purl	pkg:deb/debian/libvpx@1.16.0-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.16.0-3%3Fdistro=trixie

aliases CVE-2016-6712

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hkfy-wbqn-sba8

url VCID-kuxu-ty5p-8qbf

vulnerability_id VCID-kuxu-ty5p-8qbf

summary libvpx: Heap buffer overflow related to VP9 encoding

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6349.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6349.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-6349

reference_id

reference_type

scores

value	0.00078
scoring_system	epss
scoring_elements	0.23348
published_at	2026-04-02T12:55:00Z

value	0.00078
scoring_system	epss
scoring_elements	0.23242
published_at	2026-04-16T12:55:00Z

value	0.00078
scoring_system	epss
scoring_elements	0.23321
published_at	2026-04-11T12:55:00Z

value	0.00078
scoring_system	epss
scoring_elements	0.23283
published_at	2026-04-12T12:55:00Z

value	0.00078
scoring_system	epss
scoring_elements	0.23226
published_at	2026-04-13T12:55:00Z

value	0.00078
scoring_system	epss
scoring_elements	0.23388
published_at	2026-04-04T12:55:00Z

value	0.00078
scoring_system	epss
scoring_elements	0.23176
published_at	2026-04-07T12:55:00Z

value	0.00078
scoring_system	epss
scoring_elements	0.2325
published_at	2026-04-08T12:55:00Z

value	0.00078
scoring_system	epss
scoring_elements	0.233
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-6349

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6349
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6349

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://crbug.com/webm/1642

reference_id

1642

reference_type

scores

value	5.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:P/VC:L/VI:H/VA:N/SC:L/SI:H/SA:N/S:N/AU:N/R:A/V:D

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-28T15:01:21Z/

url

https://crbug.com/webm/1642

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2283553
reference_id	2283553
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2283553

reference_url	https://access.redhat.com/errata/RHSA-2024:5941
reference_id	RHSA-2024:5941
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:5941

reference_url	https://access.redhat.com/errata/RHSA-2026:4128
reference_id	RHSA-2026:4128
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4128

fixed_packages

url	pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u2?distro=trixie
purl	pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.9.0-1%252Bdeb11u2%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3?distro=trixie
purl	pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.9.0-1%252Bdeb11u3%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.12.0-1%2Bdeb12u2?distro=trixie
purl	pkg:deb/debian/libvpx@1.12.0-1%2Bdeb12u2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.12.0-1%252Bdeb12u2%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.12.0-1%2Bdeb12u4?distro=trixie
purl	pkg:deb/debian/libvpx@1.12.0-1%2Bdeb12u4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.12.0-1%252Bdeb12u4%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.13.1-2?distro=trixie
purl	pkg:deb/debian/libvpx@1.13.1-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.13.1-2%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.15.0-2.1%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/libvpx@1.15.0-2.1%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.15.0-2.1%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.16.0-3?distro=trixie
purl	pkg:deb/debian/libvpx@1.16.0-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.16.0-3%3Fdistro=trixie

aliases CVE-2023-6349

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kuxu-ty5p-8qbf

url VCID-mcab-z6qn-gkds

vulnerability_id VCID-mcab-z6qn-gkds

summary Multiple vulnerabilities have been discovered in libvpx, the worst of which could result in arbitrary code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-44488.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-44488.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-44488

reference_id

reference_type

scores

value	0.01446
scoring_system	epss
scoring_elements	0.80782
published_at	2026-04-16T12:55:00Z

value	0.01446
scoring_system	epss
scoring_elements	0.80744
published_at	2026-04-08T12:55:00Z

value	0.01446
scoring_system	epss
scoring_elements	0.80752
published_at	2026-04-09T12:55:00Z

value	0.01446
scoring_system	epss
scoring_elements	0.80769
published_at	2026-04-11T12:55:00Z

value	0.01446
scoring_system	epss
scoring_elements	0.80753
published_at	2026-04-12T12:55:00Z

value	0.01446
scoring_system	epss
scoring_elements	0.80745
published_at	2026-04-13T12:55:00Z

value	0.01486
scoring_system	epss
scoring_elements	0.80975
published_at	2026-04-02T12:55:00Z

value	0.01486
scoring_system	epss
scoring_elements	0.80997
published_at	2026-04-07T12:55:00Z

value	0.01486
scoring_system	epss
scoring_elements	0.80999
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-44488

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44488
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44488

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2241806

reference_id

2241806

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-23T16:14:51Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2241806

reference_url

https://github.com/webmproject/libvpx/commit/263682c9a29395055f3b3afe2d97be1828a6223f

reference_id

263682c9a29395055f3b3afe2d97be1828a6223f

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-23T16:14:51Z/

url

https://github.com/webmproject/libvpx/commit/263682c9a29395055f3b3afe2d97be1828a6223f

reference_url

https://github.com/webmproject/libvpx/commit/df9fd9d5b7325060b2b921558a1eb20ca7880937

reference_id

df9fd9d5b7325060b2b921558a1eb20ca7880937

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-23T16:14:51Z/

url

https://github.com/webmproject/libvpx/commit/df9fd9d5b7325060b2b921558a1eb20ca7880937

reference_url

https://www.debian.org/security/2023/dsa-5518

reference_id

dsa-5518

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-23T16:14:51Z/

url

https://www.debian.org/security/2023/dsa-5518

reference_url	https://access.redhat.com/errata/RHSA-2023:5534
reference_id	RHSA-2023:5534
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5534

reference_url	https://access.redhat.com/errata/RHSA-2023:5535
reference_id	RHSA-2023:5535
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5535

reference_url	https://access.redhat.com/errata/RHSA-2023:5536
reference_id	RHSA-2023:5536
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5536

reference_url	https://access.redhat.com/errata/RHSA-2023:5537
reference_id	RHSA-2023:5537
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5537

reference_url	https://access.redhat.com/errata/RHSA-2023:5538
reference_id	RHSA-2023:5538
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5538

reference_url	https://access.redhat.com/errata/RHSA-2023:5539
reference_id	RHSA-2023:5539
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5539

reference_url	https://access.redhat.com/errata/RHSA-2023:5540
reference_id	RHSA-2023:5540
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5540

reference_url	https://access.redhat.com/errata/RHSA-2023:6162
reference_id	RHSA-2023:6162
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6162

reference_url	https://access.redhat.com/errata/RHSA-2023:6185
reference_id	RHSA-2023:6185
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6185

reference_url	https://access.redhat.com/errata/RHSA-2023:6186
reference_id	RHSA-2023:6186
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6186

reference_url	https://access.redhat.com/errata/RHSA-2023:6187
reference_id	RHSA-2023:6187
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6187

reference_url	https://access.redhat.com/errata/RHSA-2023:6188
reference_id	RHSA-2023:6188
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6188

reference_url	https://access.redhat.com/errata/RHSA-2023:6189
reference_id	RHSA-2023:6189
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6189

reference_url	https://access.redhat.com/errata/RHSA-2023:6190
reference_id	RHSA-2023:6190
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6190

reference_url	https://access.redhat.com/errata/RHSA-2023:6191
reference_id	RHSA-2023:6191
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6191

reference_url	https://access.redhat.com/errata/RHSA-2023:6192
reference_id	RHSA-2023:6192
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6192

reference_url	https://access.redhat.com/errata/RHSA-2023:6194
reference_id	RHSA-2023:6194
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6194

reference_url	https://access.redhat.com/errata/RHSA-2023:6195
reference_id	RHSA-2023:6195
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6195

reference_url	https://access.redhat.com/errata/RHSA-2023:6196
reference_id	RHSA-2023:6196
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6196

reference_url	https://access.redhat.com/errata/RHSA-2023:6197
reference_id	RHSA-2023:6197
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6197

reference_url	https://access.redhat.com/errata/RHSA-2023:6198
reference_id	RHSA-2023:6198
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6198

reference_url	https://access.redhat.com/errata/RHSA-2023:6199
reference_id	RHSA-2023:6199
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6199

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TE7F54W5O5RS4ZMAAC7YK3CZWQXIDSKB/

reference_id

TE7F54W5O5RS4ZMAAC7YK3CZWQXIDSKB

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-23T16:14:51Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TE7F54W5O5RS4ZMAAC7YK3CZWQXIDSKB/

reference_url	https://usn.ubuntu.com/6403-1/
reference_id	USN-6403-1
reference_type
scores
url	https://usn.ubuntu.com/6403-1/

reference_url	https://usn.ubuntu.com/6403-2/
reference_id	USN-6403-2
reference_type
scores
url	https://usn.ubuntu.com/6403-2/

reference_url	https://usn.ubuntu.com/6403-3/
reference_id	USN-6403-3
reference_type
scores
url	https://usn.ubuntu.com/6403-3/

reference_url

https://github.com/webmproject/libvpx/compare/v1.13.0...v1.13.1

reference_id

v1.13.0...v1.13.1

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-23T16:14:51Z/

url

https://github.com/webmproject/libvpx/compare/v1.13.0...v1.13.1

fixed_packages

url	pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u2?distro=trixie
purl	pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.9.0-1%252Bdeb11u2%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3?distro=trixie
purl	pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.9.0-1%252Bdeb11u3%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.12.0-1%2Bdeb12u2?distro=trixie
purl	pkg:deb/debian/libvpx@1.12.0-1%2Bdeb12u2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.12.0-1%252Bdeb12u2%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.12.0-1%2Bdeb12u4?distro=trixie
purl	pkg:deb/debian/libvpx@1.12.0-1%2Bdeb12u4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.12.0-1%252Bdeb12u4%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.12.0-1.2?distro=trixie
purl	pkg:deb/debian/libvpx@1.12.0-1.2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.12.0-1.2%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.15.0-2.1%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/libvpx@1.15.0-2.1%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.15.0-2.1%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.16.0-3?distro=trixie
purl	pkg:deb/debian/libvpx@1.16.0-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.16.0-3%3Fdistro=trixie

aliases CVE-2023-44488

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mcab-z6qn-gkds

url VCID-nw6w-7x8f-x7fw

vulnerability_id VCID-nw6w-7x8f-x7fw

summary The decoder_peek_si_internal function in vp9/vp9_dx_iface.c in libvpx in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2016-09-01 allows remote attackers to cause a denial of service (buffer over-read, and device hang or reboot) via a crafted media file, aka internal bug 30013856.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-3881

reference_id

reference_type

scores

value	0.00266
scoring_system	epss
scoring_elements	0.50006
published_at	2026-04-01T12:55:00Z

value	0.00266
scoring_system	epss
scoring_elements	0.50044
published_at	2026-04-02T12:55:00Z

value	0.00266
scoring_system	epss
scoring_elements	0.50072
published_at	2026-04-04T12:55:00Z

value	0.00266
scoring_system	epss
scoring_elements	0.50022
published_at	2026-04-07T12:55:00Z

value	0.00266
scoring_system	epss
scoring_elements	0.50077
published_at	2026-04-08T12:55:00Z

value	0.00266
scoring_system	epss
scoring_elements	0.50069
published_at	2026-04-09T12:55:00Z

value	0.00266
scoring_system	epss
scoring_elements	0.50087
published_at	2026-04-11T12:55:00Z

value	0.00266
scoring_system	epss
scoring_elements	0.50059
published_at	2026-04-12T12:55:00Z

value	0.00266
scoring_system	epss
scoring_elements	0.50055
published_at	2026-04-13T12:55:00Z

value	0.00266
scoring_system	epss
scoring_elements	0.501
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-3881

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3881
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3881

fixed_packages

url	pkg:deb/debian/libvpx@1.6.1-1?distro=trixie
purl	pkg:deb/debian/libvpx@1.6.1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.6.1-1%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3?distro=trixie
purl	pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.9.0-1%252Bdeb11u3%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.12.0-1%2Bdeb12u4?distro=trixie
purl	pkg:deb/debian/libvpx@1.12.0-1%2Bdeb12u4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.12.0-1%252Bdeb12u4%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.15.0-2.1%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/libvpx@1.15.0-2.1%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.15.0-2.1%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.16.0-3?distro=trixie
purl	pkg:deb/debian/libvpx@1.16.0-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.16.0-3%3Fdistro=trixie

aliases CVE-2016-3881

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nw6w-7x8f-x7fw

url VCID-qcyp-en6e-vya2

vulnerability_id VCID-qcyp-en6e-vya2

summary libvpx: Denial of service in mediaserver

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-0393.json

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-0393.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-0393

reference_id

reference_type

scores

value	0.00414
scoring_system	epss
scoring_elements	0.61414
published_at	2026-04-01T12:55:00Z

value	0.00414
scoring_system	epss
scoring_elements	0.6149
published_at	2026-04-07T12:55:00Z

value	0.00414
scoring_system	epss
scoring_elements	0.61519
published_at	2026-04-04T12:55:00Z

value	0.00414
scoring_system	epss
scoring_elements	0.61538
published_at	2026-04-08T12:55:00Z

value	0.00414
scoring_system	epss
scoring_elements	0.61552
published_at	2026-04-09T12:55:00Z

value	0.00414
scoring_system	epss
scoring_elements	0.61573
published_at	2026-04-11T12:55:00Z

value	0.00414
scoring_system	epss
scoring_elements	0.6156
published_at	2026-04-12T12:55:00Z

value	0.00414
scoring_system	epss
scoring_elements	0.6154
published_at	2026-04-13T12:55:00Z

value	0.00414
scoring_system	epss
scoring_elements	0.61582
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-0393

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0393
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0393

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1769657
reference_id	1769657
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1769657

reference_url	https://access.redhat.com/errata/RHSA-2020:3876
reference_id	RHSA-2020:3876
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3876

fixed_packages

url	pkg:deb/debian/libvpx@1.6.1-1?distro=trixie
purl	pkg:deb/debian/libvpx@1.6.1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.6.1-1%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3?distro=trixie
purl	pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.9.0-1%252Bdeb11u3%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.12.0-1%2Bdeb12u4?distro=trixie
purl	pkg:deb/debian/libvpx@1.12.0-1%2Bdeb12u4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.12.0-1%252Bdeb12u4%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.15.0-2.1%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/libvpx@1.15.0-2.1%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.15.0-2.1%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.16.0-3?distro=trixie
purl	pkg:deb/debian/libvpx@1.16.0-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.16.0-3%3Fdistro=trixie

aliases CVE-2017-0393

risk_score 2.5

exploitability 0.5

weighted_severity 5.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qcyp-en6e-vya2

url VCID-qjuf-f8ec-byc7

vulnerability_id VCID-qjuf-f8ec-byc7

summary security update

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4506.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4506.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-4506

reference_id

reference_type

scores

value	0.07974
scoring_system	epss
scoring_elements	0.92089
published_at	2026-04-16T12:55:00Z

value	0.07974
scoring_system	epss
scoring_elements	0.92045
published_at	2026-04-01T12:55:00Z

value	0.07974
scoring_system	epss
scoring_elements	0.92051
published_at	2026-04-02T12:55:00Z

value	0.07974
scoring_system	epss
scoring_elements	0.92058
published_at	2026-04-04T12:55:00Z

value	0.07974
scoring_system	epss
scoring_elements	0.92063
published_at	2026-04-07T12:55:00Z

value	0.07974
scoring_system	epss
scoring_elements	0.92075
published_at	2026-04-08T12:55:00Z

value	0.07974
scoring_system	epss
scoring_elements	0.92078
published_at	2026-04-13T12:55:00Z

value	0.07974
scoring_system	epss
scoring_elements	0.92082
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-4506

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4500
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4500

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4506
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4506

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4509
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4509

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4511
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4511

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4517
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4517

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4519
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4519

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4520
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4520

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4521
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4521

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4522
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4522

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7174
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7174

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7175
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7175

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7176
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7176

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7177
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7177

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7180
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7180

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1265617
reference_id	1265617
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1265617

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-101

reference_id

mfsa2015-101

reference_type

scores

value	none
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-101

reference_url	https://access.redhat.com/errata/RHSA-2015:1834
reference_id	RHSA-2015:1834
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1834

reference_url	https://usn.ubuntu.com/2743-1/
reference_id	USN-2743-1
reference_type
scores
url	https://usn.ubuntu.com/2743-1/

reference_url	https://usn.ubuntu.com/2754-1/
reference_id	USN-2754-1
reference_type
scores
url	https://usn.ubuntu.com/2754-1/

fixed_packages

url	pkg:deb/debian/libvpx@1.4.0-4?distro=trixie
purl	pkg:deb/debian/libvpx@1.4.0-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.4.0-4%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3?distro=trixie
purl	pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.9.0-1%252Bdeb11u3%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.12.0-1%2Bdeb12u4?distro=trixie
purl	pkg:deb/debian/libvpx@1.12.0-1%2Bdeb12u4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.12.0-1%252Bdeb12u4%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.15.0-2.1%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/libvpx@1.15.0-2.1%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.15.0-2.1%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.16.0-3?distro=trixie
purl	pkg:deb/debian/libvpx@1.16.0-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.16.0-3%3Fdistro=trixie

aliases CVE-2015-4506

risk_score 0.1

exploitability 0.5

weighted_severity 0.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qjuf-f8ec-byc7

url VCID-s76d-pjvk-63cr

vulnerability_id VCID-s76d-pjvk-63cr

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4485.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4485.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-4485

reference_id

reference_type

scores

value	0.07599
scoring_system	epss
scoring_elements	0.91871
published_at	2026-04-16T12:55:00Z

value	0.07599
scoring_system	epss
scoring_elements	0.9181
published_at	2026-04-01T12:55:00Z

value	0.07599
scoring_system	epss
scoring_elements	0.91818
published_at	2026-04-02T12:55:00Z

value	0.07599
scoring_system	epss
scoring_elements	0.91824
published_at	2026-04-04T12:55:00Z

value	0.07599
scoring_system	epss
scoring_elements	0.91832
published_at	2026-04-07T12:55:00Z

value	0.07599
scoring_system	epss
scoring_elements	0.91845
published_at	2026-04-08T12:55:00Z

value	0.07599
scoring_system	epss
scoring_elements	0.91851
published_at	2026-04-09T12:55:00Z

value	0.07599
scoring_system	epss
scoring_elements	0.91855
published_at	2026-04-11T12:55:00Z

value	0.07599
scoring_system	epss
scoring_elements	0.91856
published_at	2026-04-12T12:55:00Z

value	0.07599
scoring_system	epss
scoring_elements	0.91852
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-4485

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1252292
reference_id	1252292
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1252292

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4485
reference_id	CVE-2015-4485
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4485

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-89

reference_id

mfsa2015-89

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-89

reference_url	https://access.redhat.com/errata/RHSA-2015:1586
reference_id	RHSA-2015:1586
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1586

reference_url	https://usn.ubuntu.com/2702-1/
reference_id	USN-2702-1
reference_type
scores
url	https://usn.ubuntu.com/2702-1/

fixed_packages

url	pkg:deb/debian/libvpx@1.4.0-1?distro=trixie
purl	pkg:deb/debian/libvpx@1.4.0-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.4.0-1%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3?distro=trixie
purl	pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.9.0-1%252Bdeb11u3%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.12.0-1%2Bdeb12u4?distro=trixie
purl	pkg:deb/debian/libvpx@1.12.0-1%2Bdeb12u4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.12.0-1%252Bdeb12u4%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.15.0-2.1%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/libvpx@1.15.0-2.1%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.15.0-2.1%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.16.0-3?distro=trixie
purl	pkg:deb/debian/libvpx@1.16.0-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.16.0-3%3Fdistro=trixie

aliases CVE-2015-4485

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-s76d-pjvk-63cr

url VCID-tbkw-k4a7-43fp

vulnerability_id VCID-tbkw-k4a7-43fp

summary

Multiple vulnerabilities have been found in Firefox, Thunderbird,
    Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with
    the worst of which may allow remote execution of arbitrary code.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4486.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4486.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-4486

reference_id

reference_type

scores

value	0.01667
scoring_system	epss
scoring_elements	0.82134
published_at	2026-04-16T12:55:00Z

value	0.01667
scoring_system	epss
scoring_elements	0.82035
published_at	2026-04-01T12:55:00Z

value	0.01667
scoring_system	epss
scoring_elements	0.82047
published_at	2026-04-02T12:55:00Z

value	0.01667
scoring_system	epss
scoring_elements	0.82068
published_at	2026-04-04T12:55:00Z

value	0.01667
scoring_system	epss
scoring_elements	0.82064
published_at	2026-04-07T12:55:00Z

value	0.01667
scoring_system	epss
scoring_elements	0.8209
published_at	2026-04-08T12:55:00Z

value	0.01667
scoring_system	epss
scoring_elements	0.82097
published_at	2026-04-09T12:55:00Z

value	0.01667
scoring_system	epss
scoring_elements	0.82116
published_at	2026-04-11T12:55:00Z

value	0.01667
scoring_system	epss
scoring_elements	0.82107
published_at	2026-04-12T12:55:00Z

value	0.01667
scoring_system	epss
scoring_elements	0.82099
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-4486

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1252292
reference_id	1252292
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1252292

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4486
reference_id	CVE-2015-4486
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4486

reference_url	https://security.gentoo.org/glsa/201605-06
reference_id	GLSA-201605-06
reference_type
scores
url	https://security.gentoo.org/glsa/201605-06

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-89

reference_id

mfsa2015-89

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2015-89

reference_url	https://access.redhat.com/errata/RHSA-2015:1586
reference_id	RHSA-2015:1586
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1586

reference_url	https://usn.ubuntu.com/2702-1/
reference_id	USN-2702-1
reference_type
scores
url	https://usn.ubuntu.com/2702-1/

fixed_packages

url	pkg:deb/debian/libvpx@1.4.0-1?distro=trixie
purl	pkg:deb/debian/libvpx@1.4.0-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.4.0-1%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3?distro=trixie
purl	pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.9.0-1%252Bdeb11u3%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.12.0-1%2Bdeb12u4?distro=trixie
purl	pkg:deb/debian/libvpx@1.12.0-1%2Bdeb12u4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.12.0-1%252Bdeb12u4%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.15.0-2.1%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/libvpx@1.15.0-2.1%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.15.0-2.1%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.16.0-3?distro=trixie
purl	pkg:deb/debian/libvpx@1.16.0-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.16.0-3%3Fdistro=trixie

aliases CVE-2015-4486

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tbkw-k4a7-43fp

url VCID-txwy-bkhg-9qfv

vulnerability_id VCID-txwy-bkhg-9qfv

summary

Multiple vulnerabilities have been found in libvpx, the worst of
    which could result in the execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00049.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00049.html

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9325.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9325.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-9325

reference_id

reference_type

scores

value	0.0889
scoring_system	epss
scoring_elements	0.92528
published_at	2026-04-01T12:55:00Z

value	0.0889
scoring_system	epss
scoring_elements	0.92576
published_at	2026-04-16T12:55:00Z

value	0.0889
scoring_system	epss
scoring_elements	0.92559
published_at	2026-04-09T12:55:00Z

value	0.0889
scoring_system	epss
scoring_elements	0.92565
published_at	2026-04-13T12:55:00Z

value	0.0889
scoring_system	epss
scoring_elements	0.92566
published_at	2026-04-12T12:55:00Z

value	0.0889
scoring_system	epss
scoring_elements	0.92533
published_at	2026-04-02T12:55:00Z

value	0.0889
scoring_system	epss
scoring_elements	0.9254
published_at	2026-04-04T12:55:00Z

value	0.0889
scoring_system	epss
scoring_elements	0.92543
published_at	2026-04-07T12:55:00Z

value	0.0889
scoring_system	epss
scoring_elements	0.92554
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-9325

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9232
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9232

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9325
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9325

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9433
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9433

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DQSTK442ATWJOR4TU3MR6C3N5A6NDFFN/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DQSTK442ATWJOR4TU3MR6C3N5A6NDFFN/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U2IIA3RSYABBUCFIHXIRVUT5CTJVWWZ6/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U2IIA3RSYABBUCFIHXIRVUT5CTJVWWZ6/

reference_url	https://seclists.org/bugtraq/2019/Nov/43
reference_id
reference_type
scores
url	https://seclists.org/bugtraq/2019/Nov/43

reference_url	https://source.android.com/security/bulletin/android-10
reference_id
reference_type
scores
url	https://source.android.com/security/bulletin/android-10

reference_url	https://www.debian.org/security/2019/dsa-4578
reference_id
reference_type
scores
url	https://www.debian.org/security/2019/dsa-4578

reference_url	http://www.openwall.com/lists/oss-security/2019/10/25/17
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2019/10/25/17

reference_url	http://www.openwall.com/lists/oss-security/2019/10/27/1
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2019/10/27/1

reference_url	http://www.openwall.com/lists/oss-security/2019/11/07/1
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2019/11/07/1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1789002
reference_id	1789002
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1789002

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:19.04:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:10.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:30:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:31:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:10.0:::::::*
reference_id	cpe:2.3:o:google:android:10.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:10.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:15.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-9325

reference_id

CVE-2019-9325

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:N/A:N

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2019-9325

reference_url	https://security.gentoo.org/glsa/202003-59
reference_id	GLSA-202003-59
reference_type
scores
url	https://security.gentoo.org/glsa/202003-59

reference_url	https://usn.ubuntu.com/4199-1/
reference_id	USN-4199-1
reference_type
scores
url	https://usn.ubuntu.com/4199-1/

fixed_packages

url	pkg:deb/debian/libvpx@1.8.1-2?distro=trixie
purl	pkg:deb/debian/libvpx@1.8.1-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.8.1-2%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3?distro=trixie
purl	pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.9.0-1%252Bdeb11u3%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.12.0-1%2Bdeb12u4?distro=trixie
purl	pkg:deb/debian/libvpx@1.12.0-1%2Bdeb12u4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.12.0-1%252Bdeb12u4%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.15.0-2.1%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/libvpx@1.15.0-2.1%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.15.0-2.1%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.16.0-3?distro=trixie
purl	pkg:deb/debian/libvpx@1.16.0-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.16.0-3%3Fdistro=trixie

aliases CVE-2019-9325

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-txwy-bkhg-9qfv

url VCID-ut2r-gvwc-4ydu

vulnerability_id VCID-ut2r-gvwc-4ydu

summary

Multiple vulnerabilities have been found in libvpx, the worst of
    which could result in the execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00049.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00049.html

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9371.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9371.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-9371

reference_id

reference_type

scores

value	0.17758
scoring_system	epss
scoring_elements	0.95088
published_at	2026-04-01T12:55:00Z

value	0.17758
scoring_system	epss
scoring_elements	0.9513
published_at	2026-04-16T12:55:00Z

value	0.17758
scoring_system	epss
scoring_elements	0.95118
published_at	2026-04-11T12:55:00Z

value	0.17758
scoring_system	epss
scoring_elements	0.9512
published_at	2026-04-12T12:55:00Z

value	0.17758
scoring_system	epss
scoring_elements	0.95123
published_at	2026-04-13T12:55:00Z

value	0.17758
scoring_system	epss
scoring_elements	0.95099
published_at	2026-04-02T12:55:00Z

value	0.17758
scoring_system	epss
scoring_elements	0.951
published_at	2026-04-04T12:55:00Z

value	0.17758
scoring_system	epss
scoring_elements	0.95102
published_at	2026-04-07T12:55:00Z

value	0.17758
scoring_system	epss
scoring_elements	0.95109
published_at	2026-04-08T12:55:00Z

value	0.17758
scoring_system	epss
scoring_elements	0.95112
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-9371

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9371
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9371

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DQSTK442ATWJOR4TU3MR6C3N5A6NDFFN/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DQSTK442ATWJOR4TU3MR6C3N5A6NDFFN/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U2IIA3RSYABBUCFIHXIRVUT5CTJVWWZ6/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U2IIA3RSYABBUCFIHXIRVUT5CTJVWWZ6/

reference_url	https://seclists.org/bugtraq/2019/Nov/43
reference_id
reference_type
scores
url	https://seclists.org/bugtraq/2019/Nov/43

reference_url	https://source.android.com/security/bulletin/android-10
reference_id
reference_type
scores
url	https://source.android.com/security/bulletin/android-10

reference_url	https://www.debian.org/security/2019/dsa-4578
reference_id
reference_type
scores
url	https://www.debian.org/security/2019/dsa-4578

reference_url	http://www.openwall.com/lists/oss-security/2019/10/25/17
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2019/10/25/17

reference_url	http://www.openwall.com/lists/oss-security/2019/10/27/1
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2019/10/27/1

reference_url	http://www.openwall.com/lists/oss-security/2019/11/07/1
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2019/11/07/1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1789004
reference_id	1789004
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1789004

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:19.04:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:10.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:30:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:31:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:10.0:::::::*
reference_id	cpe:2.3:o:google:android:10.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:10.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:15.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-9371

reference_id

CVE-2019-9371

reference_type

scores

value	7.1
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:C

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2019-9371

reference_url	https://security.gentoo.org/glsa/202003-59
reference_id	GLSA-202003-59
reference_type
scores
url	https://security.gentoo.org/glsa/202003-59

reference_url	https://access.redhat.com/errata/RHSA-2020:4629
reference_id	RHSA-2020:4629
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4629

reference_url	https://usn.ubuntu.com/4199-1/
reference_id	USN-4199-1
reference_type
scores
url	https://usn.ubuntu.com/4199-1/

fixed_packages

url	pkg:deb/debian/libvpx@1.8.1-2?distro=trixie
purl	pkg:deb/debian/libvpx@1.8.1-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.8.1-2%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3?distro=trixie
purl	pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.9.0-1%252Bdeb11u3%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.12.0-1%2Bdeb12u4?distro=trixie
purl	pkg:deb/debian/libvpx@1.12.0-1%2Bdeb12u4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.12.0-1%252Bdeb12u4%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.15.0-2.1%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/libvpx@1.15.0-2.1%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.15.0-2.1%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.16.0-3?distro=trixie
purl	pkg:deb/debian/libvpx@1.16.0-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.16.0-3%3Fdistro=trixie

aliases CVE-2019-9371

risk_score 3.2

exploitability 0.5

weighted_severity 6.4

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ut2r-gvwc-4ydu

url VCID-veqq-773w-1ba9

vulnerability_id VCID-veqq-773w-1ba9

summary libvpx: Integer overflow in vpx_img_alloc()

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-5197.json

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-5197.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-5197

reference_id

reference_type

scores

value	0.00325
scoring_system	epss
scoring_elements	0.55535
published_at	2026-04-13T12:55:00Z

value	0.00325
scoring_system	epss
scoring_elements	0.55511
published_at	2026-04-07T12:55:00Z

value	0.00325
scoring_system	epss
scoring_elements	0.55562
published_at	2026-04-08T12:55:00Z

value	0.00325
scoring_system	epss
scoring_elements	0.55563
published_at	2026-04-09T12:55:00Z

value	0.00325
scoring_system	epss
scoring_elements	0.55572
published_at	2026-04-16T12:55:00Z

value	0.00325
scoring_system	epss
scoring_elements	0.55552
published_at	2026-04-12T12:55:00Z

value	0.00325
scoring_system	epss
scoring_elements	0.5551
published_at	2026-04-02T12:55:00Z

value	0.00325
scoring_system	epss
scoring_elements	0.55534
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-5197

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5197
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5197

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2291198
reference_id	2291198
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2291198

reference_url

https://g-issues.chromium.org/issues/332382766

reference_id

332382766

reference_type

scores

value	5.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:P/VC:L/VI:H/VA:N/SC:L/SI:L/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-03T17:27:56Z/

url

https://g-issues.chromium.org/issues/332382766

reference_url

https://lists.debian.org/debian-lts-announce/2024/06/msg00005.html

reference_id

msg00005.html

reference_type

scores

value	5.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:P/VC:L/VI:H/VA:N/SC:L/SI:L/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-03T17:27:56Z/

url

https://lists.debian.org/debian-lts-announce/2024/06/msg00005.html

reference_url	https://access.redhat.com/errata/RHSA-2024:5941
reference_id	RHSA-2024:5941
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:5941

reference_url	https://access.redhat.com/errata/RHSA-2024:9827
reference_id	RHSA-2024:9827
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:9827

reference_url	https://access.redhat.com/errata/RHSA-2025:14138
reference_id	RHSA-2025:14138
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:14138

reference_url	https://access.redhat.com/errata/RHSA-2025:14139
reference_id	RHSA-2025:14139
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:14139

reference_url	https://access.redhat.com/errata/RHSA-2025:14140
reference_id	RHSA-2025:14140
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:14140

reference_url	https://usn.ubuntu.com/6814-1/
reference_id	USN-6814-1
reference_type
scores
url	https://usn.ubuntu.com/6814-1/

reference_url	https://usn.ubuntu.com/7249-1/
reference_id	USN-7249-1
reference_type
scores
url	https://usn.ubuntu.com/7249-1/

fixed_packages

url	pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3?distro=trixie
purl	pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.9.0-1%252Bdeb11u3%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.12.0-1%2Bdeb12u3?distro=trixie
purl	pkg:deb/debian/libvpx@1.12.0-1%2Bdeb12u3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.12.0-1%252Bdeb12u3%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.12.0-1%2Bdeb12u4?distro=trixie
purl	pkg:deb/debian/libvpx@1.12.0-1%2Bdeb12u4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.12.0-1%252Bdeb12u4%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.14.1-1?distro=trixie
purl	pkg:deb/debian/libvpx@1.14.1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.14.1-1%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.15.0-2.1%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/libvpx@1.15.0-2.1%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.15.0-2.1%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.16.0-3?distro=trixie
purl	pkg:deb/debian/libvpx@1.16.0-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.16.0-3%3Fdistro=trixie

aliases CVE-2024-5197

risk_score 3.2

exploitability 0.5

weighted_severity 6.4

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-veqq-773w-1ba9

url VCID-wdvt-pdhd-a7gt

vulnerability_id VCID-wdvt-pdhd-a7gt

summary

Timothy B. Terriberry discovered that libvpx contains an integer overflow
    vulnerability in the processing of video streams that may allow
    user-assisted execution of arbitrary code.

references

reference_url	http://code.google.com/p/chromium/issues/detail?id=60055
reference_id
reference_type
scores
url	http://code.google.com/p/chromium/issues/detail?id=60055

reference_url	http://googlechromereleases.blogspot.com/2010/11/stable-channel-update.html
reference_id
reference_type
scores
url	http://googlechromereleases.blogspot.com/2010/11/stable-channel-update.html

reference_url	http://review.webmproject.org/gitweb?p=libvpx.git%3Ba=blob%3Bf=CHANGELOG
reference_id
reference_type
scores
url	http://review.webmproject.org/gitweb?p=libvpx.git%3Ba=blob%3Bf=CHANGELOG

reference_url	http://review.webmproject.org/gitweb?p=libvpx.git%3Ba=commit%3Bh=09bcc1f710ea65dc158639479288fb1908ff0c53
reference_id
reference_type
scores
url	http://review.webmproject.org/gitweb?p=libvpx.git%3Ba=commit%3Bh=09bcc1f710ea65dc158639479288fb1908ff0c53

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4203.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4203.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2010-4203

reference_id

reference_type

scores

value	0.08115
scoring_system	epss
scoring_elements	0.92171
published_at	2026-04-16T12:55:00Z

value	0.08115
scoring_system	epss
scoring_elements	0.92165
published_at	2026-04-12T12:55:00Z

value	0.08115
scoring_system	epss
scoring_elements	0.92128
published_at	2026-04-01T12:55:00Z

value	0.08115
scoring_system	epss
scoring_elements	0.92135
published_at	2026-04-02T12:55:00Z

value	0.08115
scoring_system	epss
scoring_elements	0.92142
published_at	2026-04-04T12:55:00Z

value	0.08115
scoring_system	epss
scoring_elements	0.92146
published_at	2026-04-07T12:55:00Z

value	0.08115
scoring_system	epss
scoring_elements	0.92158
published_at	2026-04-08T12:55:00Z

value	0.08115
scoring_system	epss
scoring_elements	0.92161
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2010-4203

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4203
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4203

reference_url	http://secunia.com/advisories/42109
reference_id
reference_type
scores
url	http://secunia.com/advisories/42109

reference_url	http://secunia.com/advisories/42118
reference_id
reference_type
scores
url	http://secunia.com/advisories/42118

reference_url	http://secunia.com/advisories/42690
reference_id
reference_type
scores
url	http://secunia.com/advisories/42690

reference_url	http://secunia.com/advisories/42908
reference_id
reference_type
scores
url	http://secunia.com/advisories/42908

reference_url	http://security.gentoo.org/glsa/glsa-201101-03.xml
reference_id
reference_type
scores
url	http://security.gentoo.org/glsa/glsa-201101-03.xml

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12198
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12198

reference_url	https://rhn.redhat.com/errata/RHSA-2010-0999.html
reference_id
reference_type
scores
url	https://rhn.redhat.com/errata/RHSA-2010-0999.html

reference_url	http://www.vupen.com/english/advisories/2011/0115
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2011/0115

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=602693
reference_id	602693
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=602693

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=651213
reference_id	651213
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=651213

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome::::::::
reference_id	cpe:2.3:a:google:chrome::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:webmproject:libvpx::::::::
reference_id	cpe:2.3:a:webmproject:libvpx::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:webmproject:libvpx::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2010-4203

reference_id

CVE-2010-4203

reference_type

scores

value	10.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:C/I:C/A:C

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2010-4203

reference_url	https://security.gentoo.org/glsa/201101-03
reference_id	GLSA-201101-03
reference_type
scores
url	https://security.gentoo.org/glsa/201101-03

reference_url	https://access.redhat.com/errata/RHSA-2010:0999
reference_id	RHSA-2010:0999
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2010:0999

reference_url	https://usn.ubuntu.com/1015-1/
reference_id	USN-1015-1
reference_type
scores
url	https://usn.ubuntu.com/1015-1/

fixed_packages

url	pkg:deb/debian/libvpx@0.9.1-2?distro=trixie
purl	pkg:deb/debian/libvpx@0.9.1-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@0.9.1-2%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3?distro=trixie
purl	pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.9.0-1%252Bdeb11u3%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.12.0-1%2Bdeb12u4?distro=trixie
purl	pkg:deb/debian/libvpx@1.12.0-1%2Bdeb12u4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.12.0-1%252Bdeb12u4%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.15.0-2.1%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/libvpx@1.15.0-2.1%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.15.0-2.1%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.16.0-3?distro=trixie
purl	pkg:deb/debian/libvpx@1.16.0-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.16.0-3%3Fdistro=trixie

aliases CVE-2010-4203

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wdvt-pdhd-a7gt

url VCID-wg9d-bt6y-6yfd

vulnerability_id VCID-wg9d-bt6y-6yfd

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-6711

reference_id

reference_type

scores

value	0.00452
scoring_system	epss
scoring_elements	0.63632
published_at	2026-04-01T12:55:00Z

value	0.00452
scoring_system	epss
scoring_elements	0.63692
published_at	2026-04-02T12:55:00Z

value	0.00452
scoring_system	epss
scoring_elements	0.63718
published_at	2026-04-04T12:55:00Z

value	0.00452
scoring_system	epss
scoring_elements	0.63678
published_at	2026-04-07T12:55:00Z

value	0.00452
scoring_system	epss
scoring_elements	0.6373
published_at	2026-04-08T12:55:00Z

value	0.00452
scoring_system	epss
scoring_elements	0.63747
published_at	2026-04-09T12:55:00Z

value	0.00452
scoring_system	epss
scoring_elements	0.63761
published_at	2026-04-11T12:55:00Z

value	0.00452
scoring_system	epss
scoring_elements	0.63746
published_at	2026-04-12T12:55:00Z

value	0.00452
scoring_system	epss
scoring_elements	0.63713
published_at	2026-04-13T12:55:00Z

value	0.00452
scoring_system	epss
scoring_elements	0.63748
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-6711

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6711
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6711

fixed_packages

url	pkg:deb/debian/libvpx@1.6.1-1?distro=trixie
purl	pkg:deb/debian/libvpx@1.6.1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.6.1-1%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3?distro=trixie
purl	pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.9.0-1%252Bdeb11u3%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.12.0-1%2Bdeb12u4?distro=trixie
purl	pkg:deb/debian/libvpx@1.12.0-1%2Bdeb12u4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.12.0-1%252Bdeb12u4%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.15.0-2.1%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/libvpx@1.15.0-2.1%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.15.0-2.1%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.16.0-3?distro=trixie
purl	pkg:deb/debian/libvpx@1.16.0-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.16.0-3%3Fdistro=trixie

aliases CVE-2016-6711

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wg9d-bt6y-6yfd

url VCID-yhw4-v629-jye8

vulnerability_id VCID-yhw4-v629-jye8

summary

Multiple vulnerabilities have been fixed in Chromium, the worst of
    which can cause arbitrary remote code execution.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1258.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1258.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-1258

reference_id

reference_type

scores

value	0.02136
scoring_system	epss
scoring_elements	0.84125
published_at	2026-04-01T12:55:00Z

value	0.02136
scoring_system	epss
scoring_elements	0.84138
published_at	2026-04-02T12:55:00Z

value	0.02136
scoring_system	epss
scoring_elements	0.84156
published_at	2026-04-04T12:55:00Z

value	0.02136
scoring_system	epss
scoring_elements	0.84158
published_at	2026-04-07T12:55:00Z

value	0.02136
scoring_system	epss
scoring_elements	0.8418
published_at	2026-04-08T12:55:00Z

value	0.02136
scoring_system	epss
scoring_elements	0.84187
published_at	2026-04-09T12:55:00Z

value	0.02136
scoring_system	epss
scoring_elements	0.84204
published_at	2026-04-11T12:55:00Z

value	0.02136
scoring_system	epss
scoring_elements	0.84199
published_at	2026-04-12T12:55:00Z

value	0.02136
scoring_system	epss
scoring_elements	0.84195
published_at	2026-04-13T12:55:00Z

value	0.02136
scoring_system	epss
scoring_elements	0.84217
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-1258

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1251
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1251

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1252
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1252

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1253
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1253

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1254
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1254

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1255
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1255

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1256
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1256

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1257
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1257

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1258
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1258

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1259
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1259

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1260
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1260

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1261
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1261

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1262
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1262

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1263
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1263

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1264
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1264

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1265
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1265

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3910
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3910

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1223266
reference_id	1223266
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1223266

reference_url	https://security.gentoo.org/glsa/201506-04
reference_id	GLSA-201506-04
reference_type
scores
url	https://security.gentoo.org/glsa/201506-04

reference_url	https://access.redhat.com/errata/RHSA-2015:1023
reference_id	RHSA-2015:1023
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1023

reference_url	https://usn.ubuntu.com/2610-1/
reference_id	USN-2610-1
reference_type
scores
url	https://usn.ubuntu.com/2610-1/

fixed_packages

url	pkg:deb/debian/libvpx@1.4.0-4?distro=trixie
purl	pkg:deb/debian/libvpx@1.4.0-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.4.0-4%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3?distro=trixie
purl	pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.9.0-1%252Bdeb11u3%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.12.0-1%2Bdeb12u4?distro=trixie
purl	pkg:deb/debian/libvpx@1.12.0-1%2Bdeb12u4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.12.0-1%252Bdeb12u4%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.15.0-2.1%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/libvpx@1.15.0-2.1%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.15.0-2.1%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.16.0-3?distro=trixie
purl	pkg:deb/debian/libvpx@1.16.0-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.16.0-3%3Fdistro=trixie

aliases CVE-2015-1258

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yhw4-v629-jye8

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.16.0-3%3Fdistro=trixie

Package Instance