Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-5bx8-w9sb-1bbs

Summary libvpx in libwebm in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted mkv file, aka internal bug 23167726.

Aliases

alias	CVE-2016-2464

Fixed_packages

url	pkg:deb/debian/libvpx@1.6.1-1?distro=trixie
purl	pkg:deb/debian/libvpx@1.6.1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.6.1-1%3Fdistro=trixie

url pkg:deb/debian/libvpx@1.6.1-2~bpo8%2B1

purl pkg:deb/debian/libvpx@1.6.1-2~bpo8%2B1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-59n6-fj5x-33gn

vulnerability	VCID-7s5h-zrax-hkcv

vulnerability	VCID-8vka-qus2-tbhj

vulnerability	VCID-98mt-7srw-qfh4

vulnerability	VCID-djwx-su1m-57h4

vulnerability	VCID-f81v-9fv8-93cd

vulnerability	VCID-hhsp-7swr-qybd

vulnerability	VCID-kuxu-ty5p-8qbf

vulnerability	VCID-mcab-z6qn-gkds

vulnerability	VCID-txwy-bkhg-9qfv

vulnerability	VCID-ut2r-gvwc-4ydu

vulnerability	VCID-veqq-773w-1ba9

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.6.1-2~bpo8%252B1

url	pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3?distro=trixie
purl	pkg:deb/debian/libvpx@1.9.0-1%2Bdeb11u3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.9.0-1%252Bdeb11u3%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.12.0-1%2Bdeb12u4?distro=trixie
purl	pkg:deb/debian/libvpx@1.12.0-1%2Bdeb12u4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.12.0-1%252Bdeb12u4%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.15.0-2.1%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/libvpx@1.15.0-2.1%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.15.0-2.1%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/libvpx@1.16.0-3?distro=trixie
purl	pkg:deb/debian/libvpx@1.16.0-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.16.0-3%3Fdistro=trixie

Affected_packages

url pkg:deb/debian/libvpx@0.9.1-2

purl pkg:deb/debian/libvpx@0.9.1-2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4mzm-67bs-d3h9

vulnerability	VCID-4xgr-unyn-jkfj

vulnerability	VCID-59n6-fj5x-33gn

vulnerability	VCID-5bx8-w9sb-1bbs

vulnerability	VCID-5n7c-tqzz-nfha

vulnerability	VCID-7s5h-zrax-hkcv

vulnerability	VCID-8vka-qus2-tbhj

vulnerability	VCID-98mt-7srw-qfh4

vulnerability	VCID-d1xs-2tfm-2ud6

vulnerability	VCID-djwx-su1m-57h4

vulnerability	VCID-f81v-9fv8-93cd

vulnerability	VCID-hhsp-7swr-qybd

vulnerability	VCID-hkfy-wbqn-sba8

vulnerability	VCID-kuxu-ty5p-8qbf

vulnerability	VCID-mcab-z6qn-gkds

vulnerability	VCID-nw6w-7x8f-x7fw

vulnerability	VCID-qcyp-en6e-vya2

vulnerability	VCID-qjuf-f8ec-byc7

vulnerability	VCID-s76d-pjvk-63cr

vulnerability	VCID-tbkw-k4a7-43fp

vulnerability	VCID-txwy-bkhg-9qfv

vulnerability	VCID-ut2r-gvwc-4ydu

vulnerability	VCID-veqq-773w-1ba9

vulnerability	VCID-wg9d-bt6y-6yfd

vulnerability	VCID-yhw4-v629-jye8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@0.9.1-2

url pkg:deb/debian/libvpx@1.1.0-1

purl pkg:deb/debian/libvpx@1.1.0-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4xgr-unyn-jkfj

vulnerability	VCID-59n6-fj5x-33gn

vulnerability	VCID-5bx8-w9sb-1bbs

vulnerability	VCID-5n7c-tqzz-nfha

vulnerability	VCID-7s5h-zrax-hkcv

vulnerability	VCID-8vka-qus2-tbhj

vulnerability	VCID-98mt-7srw-qfh4

vulnerability	VCID-djwx-su1m-57h4

vulnerability	VCID-f81v-9fv8-93cd

vulnerability	VCID-hhsp-7swr-qybd

vulnerability	VCID-hkfy-wbqn-sba8

vulnerability	VCID-kuxu-ty5p-8qbf

vulnerability	VCID-mcab-z6qn-gkds

vulnerability	VCID-nw6w-7x8f-x7fw

vulnerability	VCID-qcyp-en6e-vya2

vulnerability	VCID-qjuf-f8ec-byc7

vulnerability	VCID-s76d-pjvk-63cr

vulnerability	VCID-tbkw-k4a7-43fp

vulnerability	VCID-txwy-bkhg-9qfv

vulnerability	VCID-ut2r-gvwc-4ydu

vulnerability	VCID-veqq-773w-1ba9

vulnerability	VCID-wg9d-bt6y-6yfd

vulnerability	VCID-yhw4-v629-jye8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.1.0-1

url pkg:deb/debian/libvpx@1.3.0-3

purl pkg:deb/debian/libvpx@1.3.0-3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-59n6-fj5x-33gn

vulnerability	VCID-5bx8-w9sb-1bbs

vulnerability	VCID-5n7c-tqzz-nfha

vulnerability	VCID-7s5h-zrax-hkcv

vulnerability	VCID-8vka-qus2-tbhj

vulnerability	VCID-98mt-7srw-qfh4

vulnerability	VCID-djwx-su1m-57h4

vulnerability	VCID-f81v-9fv8-93cd

vulnerability	VCID-hhsp-7swr-qybd

vulnerability	VCID-hkfy-wbqn-sba8

vulnerability	VCID-kuxu-ty5p-8qbf

vulnerability	VCID-mcab-z6qn-gkds

vulnerability	VCID-nw6w-7x8f-x7fw

vulnerability	VCID-qcyp-en6e-vya2

vulnerability	VCID-qjuf-f8ec-byc7

vulnerability	VCID-s76d-pjvk-63cr

vulnerability	VCID-tbkw-k4a7-43fp

vulnerability	VCID-txwy-bkhg-9qfv

vulnerability	VCID-ut2r-gvwc-4ydu

vulnerability	VCID-veqq-773w-1ba9

vulnerability	VCID-wg9d-bt6y-6yfd

vulnerability	VCID-yhw4-v629-jye8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.3.0-3

url pkg:deb/debian/libvpx@1.3.0-3%2Bdeb8u1

purl pkg:deb/debian/libvpx@1.3.0-3%2Bdeb8u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-59n6-fj5x-33gn

vulnerability	VCID-5bx8-w9sb-1bbs

vulnerability	VCID-5n7c-tqzz-nfha

vulnerability	VCID-7s5h-zrax-hkcv

vulnerability	VCID-8vka-qus2-tbhj

vulnerability	VCID-98mt-7srw-qfh4

vulnerability	VCID-djwx-su1m-57h4

vulnerability	VCID-f81v-9fv8-93cd

vulnerability	VCID-hhsp-7swr-qybd

vulnerability	VCID-hkfy-wbqn-sba8

vulnerability	VCID-kuxu-ty5p-8qbf

vulnerability	VCID-mcab-z6qn-gkds

vulnerability	VCID-nw6w-7x8f-x7fw

vulnerability	VCID-qcyp-en6e-vya2

vulnerability	VCID-qjuf-f8ec-byc7

vulnerability	VCID-s76d-pjvk-63cr

vulnerability	VCID-tbkw-k4a7-43fp

vulnerability	VCID-txwy-bkhg-9qfv

vulnerability	VCID-ut2r-gvwc-4ydu

vulnerability	VCID-veqq-773w-1ba9

vulnerability	VCID-wg9d-bt6y-6yfd

vulnerability	VCID-yhw4-v629-jye8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.3.0-3%252Bdeb8u1

url pkg:deb/debian/libvpx@1.6.0-2~bpo8%2B1

purl pkg:deb/debian/libvpx@1.6.0-2~bpo8%2B1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-59n6-fj5x-33gn

vulnerability	VCID-5bx8-w9sb-1bbs

vulnerability	VCID-5n7c-tqzz-nfha

vulnerability	VCID-7s5h-zrax-hkcv

vulnerability	VCID-8vka-qus2-tbhj

vulnerability	VCID-98mt-7srw-qfh4

vulnerability	VCID-djwx-su1m-57h4

vulnerability	VCID-f81v-9fv8-93cd

vulnerability	VCID-hhsp-7swr-qybd

vulnerability	VCID-hkfy-wbqn-sba8

vulnerability	VCID-kuxu-ty5p-8qbf

vulnerability	VCID-mcab-z6qn-gkds

vulnerability	VCID-nw6w-7x8f-x7fw

vulnerability	VCID-qcyp-en6e-vya2

vulnerability	VCID-txwy-bkhg-9qfv

vulnerability	VCID-ut2r-gvwc-4ydu

vulnerability	VCID-veqq-773w-1ba9

vulnerability	VCID-wg9d-bt6y-6yfd

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvpx@1.6.0-2~bpo8%252B1

References

reference_url	https://android.googlesource.com/platform/external/libvpx/+/65c49d5b382de4085ee5668732bcb0f6ecaf7148
reference_id
reference_type
scores
url	https://android.googlesource.com/platform/external/libvpx/+/65c49d5b382de4085ee5668732bcb0f6ecaf7148

reference_url	https://android.googlesource.com/platform/external/libvpx/+/cc274e2abe8b2a6698a5c47d8aa4bb45f1f9538d
reference_id
reference_type
scores
url	https://android.googlesource.com/platform/external/libvpx/+/cc274e2abe8b2a6698a5c47d8aa4bb45f1f9538d

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-2464

reference_id

reference_type

scores

value	0.00254
scoring_system	epss
scoring_elements	0.48749
published_at	2026-04-18T12:55:00Z

value	0.00254
scoring_system	epss
scoring_elements	0.48697
published_at	2026-04-12T12:55:00Z

value	0.00254
scoring_system	epss
scoring_elements	0.48753
published_at	2026-04-16T12:55:00Z

value	0.00254
scoring_system	epss
scoring_elements	0.48635
published_at	2026-04-01T12:55:00Z

value	0.00254
scoring_system	epss
scoring_elements	0.48676
published_at	2026-04-02T12:55:00Z

value	0.00254
scoring_system	epss
scoring_elements	0.48701
published_at	2026-04-04T12:55:00Z

value	0.00254
scoring_system	epss
scoring_elements	0.48655
published_at	2026-04-07T12:55:00Z

value	0.00254
scoring_system	epss
scoring_elements	0.48709
published_at	2026-04-08T12:55:00Z

value	0.00254
scoring_system	epss
scoring_elements	0.48705
published_at	2026-04-13T12:55:00Z

value	0.00254
scoring_system	epss
scoring_elements	0.48723
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-2464

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2464
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2464

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	http://source.android.com/security/bulletin/2016-06-01.html
reference_id
reference_type
scores
url	http://source.android.com/security/bulletin/2016-06-01.html

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.0:::::::*
reference_id	cpe:2.3:o:google:android:4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.0.1:::::::*
reference_id	cpe:2.3:o:google:android:4.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.0.2:::::::*
reference_id	cpe:2.3:o:google:android:4.0.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.0.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.0.3:::::::*
reference_id	cpe:2.3:o:google:android:4.0.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.0.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.0.4:::::::*
reference_id	cpe:2.3:o:google:android:4.0.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.0.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.1:::::::*
reference_id	cpe:2.3:o:google:android:4.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.1.1:::::::*
reference_id	cpe:2.3:o:google:android:4.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.1.2:::::::*
reference_id	cpe:2.3:o:google:android:4.1.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.1.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.2:::::::*
reference_id	cpe:2.3:o:google:android:4.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.2.1:::::::*
reference_id	cpe:2.3:o:google:android:4.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.2.2:::::::*
reference_id	cpe:2.3:o:google:android:4.2.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.2.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.3:::::::*
reference_id	cpe:2.3:o:google:android:4.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.3.1:::::::*
reference_id	cpe:2.3:o:google:android:4.3.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.3.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.0:::::::*
reference_id	cpe:2.3:o:google:android:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.0.1:::::::*
reference_id	cpe:2.3:o:google:android:5.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.1:::::::*
reference_id	cpe:2.3:o:google:android:5.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:6.0:::::::*
reference_id	cpe:2.3:o:google:android:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:6.0.1:::::::*
reference_id	cpe:2.3:o:google:android:6.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:6.0.1:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-2464

reference_id

CVE-2016-2464

reference_type

scores

value	9.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:C/I:C/A:C

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-2464

Weaknesses

cwe_id	20
name	Improper Input Validation
description	The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

Exploits

Severity_range_score 6.8 - 9.3

Exploitability 0.5

Weighted_severity 8.4

Risk_score 4.2

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5bx8-w9sb-1bbs

Vulnerability Instance