VulnerableCode Package Details - pkg:deb/debian/aom@3.6.0-1%2Bdeb12u2

Search for packages

Vulnerability	Summary	Fixed by
VCID-5xn1-ucsu-ufbh Aliases: CVE-2023-6879	aom: heap-buffer-overflow on frame size change	3.12.1-1 Affected by 0 other vulnerabilities.
VCID-em18-qcj8-dfgj Aliases: CVE-2023-39616	AOMedia v3.0.0 to v3.5.0 was discovered to contain an invalid read memory access via the component assign_frame_buffer_p in av1/common/av1_common_int.h.	3.12.1-1 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-5xn1-ucsu-ufbh
Aliases:
CVE-2023-6879

aom: heap-buffer-overflow on frame size change

3.12.1-1
Affected by 0 other vulnerabilities.

VCID-em18-qcj8-dfgj
Aliases:
CVE-2023-39616

AOMedia v3.0.0 to v3.5.0 was discovered to contain an invalid read memory access via the component assign_frame_buffer_p in av1/common/av1_common_int.h.

3.12.1-1
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
VCID-5d1t-g3nx-5fd6	In extend_frame_lowbd of restoration.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-150780418	CVE-2020-0478
VCID-pnux-7kf8-9uaq	libaom: Integer overflow in internal function img_alloc_helper	CVE-2024-5171

Vulnerability

Summary

Aliases

VCID-5d1t-g3nx-5fd6

In extend_frame_lowbd of restoration.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-150780418

CVE-2020-0478

VCID-pnux-7kf8-9uaq

libaom: Integer overflow in internal function img_alloc_helper

CVE-2024-5171

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-15T18:51:15.780743+00:00	Debian Oval Importer	Fixing	VCID-pnux-7kf8-9uaq	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-13T07:45:15.162106+00:00	Debian Importer	Affected by	VCID-5xn1-ucsu-ufbh	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T07:41:13.183798+00:00	Debian Importer	Affected by	VCID-em18-qcj8-dfgj	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T06:43:13.368586+00:00	Debian Importer	Fixing	VCID-5d1t-g3nx-5fd6	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-11T18:35:48.099578+00:00	Debian Oval Importer	Fixing	VCID-pnux-7kf8-9uaq	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-08T19:06:27.293307+00:00	Debian Importer	Affected by	VCID-em18-qcj8-dfgj	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-08T18:20:54.956240+00:00	Debian Oval Importer	Fixing	VCID-pnux-7kf8-9uaq	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-02T17:11:27.224498+00:00	Debian Importer	Affected by	VCID-5xn1-ucsu-ufbh	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-02T17:06:45.225536+00:00	Debian Importer	Fixing	VCID-5d1t-g3nx-5fd6	https://security-tracker.debian.org/tracker/data/json	38.1.0