Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-kuxu-ty5p-8qbf

Summary libvpx: Heap buffer overflow related to VP9 encoding

Aliases

alias	CVE-2023-6349

Fixed_packages

url	pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u2?distro=trixie
purl	pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.9.0-1%252Bdeb11u2%3Fdistro=trixie

url pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3

purl pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8vka-qus2-tbhj

vulnerability	VCID-98mt-7srw-qfh4

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.9.0-1%252Bdeb11u3

url	pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3?distro=trixie
purl	pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.9.0-1%252Bdeb11u3%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.12.0-1%2Bdeb12u2?distro=trixie
purl	pkg:deb/debian/libvpx@1.12.0-1%2Bdeb12u2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.12.0-1%252Bdeb12u2%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.12.0-1%2Bdeb12u4?distro=trixie
purl	pkg:deb/debian/libvpx@1.12.0-1%2Bdeb12u4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.12.0-1%252Bdeb12u4%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.13.1-2?distro=trixie
purl	pkg:deb/debian/libvpx@1.13.1-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.13.1-2%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.15.0-2.1%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/libvpx@1.15.0-2.1%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.15.0-2.1%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.16.0-3?distro=trixie
purl	pkg:deb/debian/libvpx@1.16.0-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.16.0-3%3Fdistro=trixie

Affected_packages

url pkg:deb/debian/libvpx@0.9.1-2

purl pkg:deb/debian/libvpx@0.9.1-2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4mzm-67bs-d3h9

vulnerability	VCID-4xgr-unyn-jkfj

vulnerability	VCID-59n6-fj5x-33gn

vulnerability	VCID-5bx8-w9sb-1bbs

vulnerability	VCID-5n7c-tqzz-nfha

vulnerability	VCID-7s5h-zrax-hkcv

vulnerability	VCID-8vka-qus2-tbhj

vulnerability	VCID-98mt-7srw-qfh4

vulnerability	VCID-d1xs-2tfm-2ud6

vulnerability	VCID-djwx-su1m-57h4

vulnerability	VCID-f81v-9fv8-93cd

vulnerability	VCID-hhsp-7swr-qybd

vulnerability	VCID-hkfy-wbqn-sba8

vulnerability	VCID-kuxu-ty5p-8qbf

vulnerability	VCID-mcab-z6qn-gkds

vulnerability	VCID-nw6w-7x8f-x7fw

vulnerability	VCID-qcyp-en6e-vya2

vulnerability	VCID-qjuf-f8ec-byc7

vulnerability	VCID-s76d-pjvk-63cr

vulnerability	VCID-tbkw-k4a7-43fp

vulnerability	VCID-txwy-bkhg-9qfv

vulnerability	VCID-ut2r-gvwc-4ydu

vulnerability	VCID-veqq-773w-1ba9

vulnerability	VCID-wg9d-bt6y-6yfd

vulnerability	VCID-yhw4-v629-jye8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@0.9.1-2

url pkg:deb/debian/libvpx@1.1.0-1

purl pkg:deb/debian/libvpx@1.1.0-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4xgr-unyn-jkfj

vulnerability	VCID-59n6-fj5x-33gn

vulnerability	VCID-5bx8-w9sb-1bbs

vulnerability	VCID-5n7c-tqzz-nfha

vulnerability	VCID-7s5h-zrax-hkcv

vulnerability	VCID-8vka-qus2-tbhj

vulnerability	VCID-98mt-7srw-qfh4

vulnerability	VCID-djwx-su1m-57h4

vulnerability	VCID-f81v-9fv8-93cd

vulnerability	VCID-hhsp-7swr-qybd

vulnerability	VCID-hkfy-wbqn-sba8

vulnerability	VCID-kuxu-ty5p-8qbf

vulnerability	VCID-mcab-z6qn-gkds

vulnerability	VCID-nw6w-7x8f-x7fw

vulnerability	VCID-qcyp-en6e-vya2

vulnerability	VCID-qjuf-f8ec-byc7

vulnerability	VCID-s76d-pjvk-63cr

vulnerability	VCID-tbkw-k4a7-43fp

vulnerability	VCID-txwy-bkhg-9qfv

vulnerability	VCID-ut2r-gvwc-4ydu

vulnerability	VCID-veqq-773w-1ba9

vulnerability	VCID-wg9d-bt6y-6yfd

vulnerability	VCID-yhw4-v629-jye8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.1.0-1

url pkg:deb/debian/libvpx@1.3.0-3

purl pkg:deb/debian/libvpx@1.3.0-3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-59n6-fj5x-33gn

vulnerability	VCID-5bx8-w9sb-1bbs

vulnerability	VCID-5n7c-tqzz-nfha

vulnerability	VCID-7s5h-zrax-hkcv

vulnerability	VCID-8vka-qus2-tbhj

vulnerability	VCID-98mt-7srw-qfh4

vulnerability	VCID-djwx-su1m-57h4

vulnerability	VCID-f81v-9fv8-93cd

vulnerability	VCID-hhsp-7swr-qybd

vulnerability	VCID-hkfy-wbqn-sba8

vulnerability	VCID-kuxu-ty5p-8qbf

vulnerability	VCID-mcab-z6qn-gkds

vulnerability	VCID-nw6w-7x8f-x7fw

vulnerability	VCID-qcyp-en6e-vya2

vulnerability	VCID-qjuf-f8ec-byc7

vulnerability	VCID-s76d-pjvk-63cr

vulnerability	VCID-tbkw-k4a7-43fp

vulnerability	VCID-txwy-bkhg-9qfv

vulnerability	VCID-ut2r-gvwc-4ydu

vulnerability	VCID-veqq-773w-1ba9

vulnerability	VCID-wg9d-bt6y-6yfd

vulnerability	VCID-yhw4-v629-jye8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.3.0-3

url pkg:deb/debian/libvpx@1.3.0-3%2Bdeb8u1

purl pkg:deb/debian/libvpx@1.3.0-3%2Bdeb8u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-59n6-fj5x-33gn

vulnerability	VCID-5bx8-w9sb-1bbs

vulnerability	VCID-5n7c-tqzz-nfha

vulnerability	VCID-7s5h-zrax-hkcv

vulnerability	VCID-8vka-qus2-tbhj

vulnerability	VCID-98mt-7srw-qfh4

vulnerability	VCID-djwx-su1m-57h4

vulnerability	VCID-f81v-9fv8-93cd

vulnerability	VCID-hhsp-7swr-qybd

vulnerability	VCID-hkfy-wbqn-sba8

vulnerability	VCID-kuxu-ty5p-8qbf

vulnerability	VCID-mcab-z6qn-gkds

vulnerability	VCID-nw6w-7x8f-x7fw

vulnerability	VCID-qcyp-en6e-vya2

vulnerability	VCID-qjuf-f8ec-byc7

vulnerability	VCID-s76d-pjvk-63cr

vulnerability	VCID-tbkw-k4a7-43fp

vulnerability	VCID-txwy-bkhg-9qfv

vulnerability	VCID-ut2r-gvwc-4ydu

vulnerability	VCID-veqq-773w-1ba9

vulnerability	VCID-wg9d-bt6y-6yfd

vulnerability	VCID-yhw4-v629-jye8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.3.0-3%252Bdeb8u1

url pkg:deb/debian/libvpx@1.6.0-2~bpo8%2B1

purl pkg:deb/debian/libvpx@1.6.0-2~bpo8%2B1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-59n6-fj5x-33gn

vulnerability	VCID-5bx8-w9sb-1bbs

vulnerability	VCID-5n7c-tqzz-nfha

vulnerability	VCID-7s5h-zrax-hkcv

vulnerability	VCID-8vka-qus2-tbhj

vulnerability	VCID-98mt-7srw-qfh4

vulnerability	VCID-djwx-su1m-57h4

vulnerability	VCID-f81v-9fv8-93cd

vulnerability	VCID-hhsp-7swr-qybd

vulnerability	VCID-hkfy-wbqn-sba8

vulnerability	VCID-kuxu-ty5p-8qbf

vulnerability	VCID-mcab-z6qn-gkds

vulnerability	VCID-nw6w-7x8f-x7fw

vulnerability	VCID-qcyp-en6e-vya2

vulnerability	VCID-txwy-bkhg-9qfv

vulnerability	VCID-ut2r-gvwc-4ydu

vulnerability	VCID-veqq-773w-1ba9

vulnerability	VCID-wg9d-bt6y-6yfd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.6.0-2~bpo8%252B1

url pkg:deb/debian/libvpx@1.6.1-2~bpo8%2B1

purl pkg:deb/debian/libvpx@1.6.1-2~bpo8%2B1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-59n6-fj5x-33gn

vulnerability	VCID-7s5h-zrax-hkcv

vulnerability	VCID-8vka-qus2-tbhj

vulnerability	VCID-98mt-7srw-qfh4

vulnerability	VCID-djwx-su1m-57h4

vulnerability	VCID-f81v-9fv8-93cd

vulnerability	VCID-hhsp-7swr-qybd

vulnerability	VCID-kuxu-ty5p-8qbf

vulnerability	VCID-mcab-z6qn-gkds

vulnerability	VCID-txwy-bkhg-9qfv

vulnerability	VCID-ut2r-gvwc-4ydu

vulnerability	VCID-veqq-773w-1ba9

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.6.1-2~bpo8%252B1

url pkg:deb/debian/libvpx@1.6.1-3%2Bdeb9u2

purl pkg:deb/debian/libvpx@1.6.1-3%2Bdeb9u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-59n6-fj5x-33gn

vulnerability	VCID-7s5h-zrax-hkcv

vulnerability	VCID-8vka-qus2-tbhj

vulnerability	VCID-98mt-7srw-qfh4

vulnerability	VCID-djwx-su1m-57h4

vulnerability	VCID-f81v-9fv8-93cd

vulnerability	VCID-hhsp-7swr-qybd

vulnerability	VCID-kuxu-ty5p-8qbf

vulnerability	VCID-mcab-z6qn-gkds

vulnerability	VCID-txwy-bkhg-9qfv

vulnerability	VCID-ut2r-gvwc-4ydu

vulnerability	VCID-veqq-773w-1ba9

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.6.1-3%252Bdeb9u2

url pkg:deb/debian/libvpx@1.7.0-3%2Bdeb10u1

purl pkg:deb/debian/libvpx@1.7.0-3%2Bdeb10u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-59n6-fj5x-33gn

vulnerability	VCID-8vka-qus2-tbhj

vulnerability	VCID-98mt-7srw-qfh4

vulnerability	VCID-djwx-su1m-57h4

vulnerability	VCID-f81v-9fv8-93cd

vulnerability	VCID-kuxu-ty5p-8qbf

vulnerability	VCID-mcab-z6qn-gkds

vulnerability	VCID-txwy-bkhg-9qfv

vulnerability	VCID-ut2r-gvwc-4ydu

vulnerability	VCID-veqq-773w-1ba9

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.7.0-3%252Bdeb10u1

url pkg:rpm/redhat/libvpx@1.7.0-11?arch=el8_10

purl pkg:rpm/redhat/libvpx@1.7.0-11?arch=el8_10

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-kuxu-ty5p-8qbf

vulnerability	VCID-veqq-773w-1ba9

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/libvpx@1.7.0-11%3Farch=el8_10

References

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6349.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6349.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-6349

reference_id

reference_type

scores

value	0.00078
scoring_system	epss
scoring_elements	0.23348
published_at	2026-04-02T12:55:00Z

value	0.00078
scoring_system	epss
scoring_elements	0.23242
published_at	2026-04-16T12:55:00Z

value	0.00078
scoring_system	epss
scoring_elements	0.23321
published_at	2026-04-11T12:55:00Z

value	0.00078
scoring_system	epss
scoring_elements	0.23283
published_at	2026-04-12T12:55:00Z

value	0.00078
scoring_system	epss
scoring_elements	0.23226
published_at	2026-04-13T12:55:00Z

value	0.00078
scoring_system	epss
scoring_elements	0.23388
published_at	2026-04-04T12:55:00Z

value	0.00078
scoring_system	epss
scoring_elements	0.23176
published_at	2026-04-07T12:55:00Z

value	0.00078
scoring_system	epss
scoring_elements	0.2325
published_at	2026-04-08T12:55:00Z

value	0.00078
scoring_system	epss
scoring_elements	0.233
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-6349

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6349
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6349

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://crbug.com/webm/1642

reference_id

1642

reference_type

scores

value	5.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:P/VC:L/VI:H/VA:N/SC:L/SI:H/SA:N/S:N/AU:N/R:A/V:D

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-28T15:01:21Z/

url

https://crbug.com/webm/1642

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2283553
reference_id	2283553
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2283553

reference_url	https://access.redhat.com/errata/RHSA-2024:5941
reference_id	RHSA-2024:5941
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:5941

reference_url	https://access.redhat.com/errata/RHSA-2026:4128
reference_id	RHSA-2026:4128
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4128

Weaknesses

cwe_id	122
name	Heap-based Buffer Overflow
description	A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().

Exploits

Severity_range_score 5.7 - 8.8

Exploitability 0.5

Weighted_severity 5.9

Risk_score 3.0

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kuxu-ty5p-8qbf

Vulnerability Instance