VulnerableCode Package Details - pkg:deb/ubuntu/libvpx@0.9.7.p1-1

Search for packages

Vulnerability	Summary	Fixed by
VCID-3fjw-74q5-aaah Aliases: CVE-2020-0034	In vp8_decode_frame of decodeframe.c, there is a possible out of bounds read due to improper input validation. This could lead to remote information disclosure if error correction were turned on, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1Android ID: A-62458770	1.8.1-2 Affected by 0 other vulnerabilities. 1.8.2-1 Affected by 0 other vulnerabilities.
VCID-5ux6-q5sa-aaap Aliases: CVE-2019-9325	In libvpx, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112001302	1.8.1-2 Affected by 0 other vulnerabilities.
VCID-6u7a-r2zk-aaar Aliases: CVE-2017-13194	A vulnerability in the Android media framework (libvpx) related to odd frame width. Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-64710201.	1.7.0-3 Affected by 6 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-7zsc-utjq-aaaf Aliases: CVE-2019-9371	In libvpx, there is a possible resource exhaustion due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-132783254	1.8.1-2 Affected by 0 other vulnerabilities.
VCID-e1b5-mfrx-aaae Aliases: CVE-2019-9232	In libvpx, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-122675483	1.8.1-2 Affected by 0 other vulnerabilities.
VCID-jbsd-7ptm-aaae Aliases: CVE-2019-9433	In libvpx, there is a possible information disclosure due to improper input validation. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-80479354	1.8.1-2 Affected by 0 other vulnerabilities.
VCID-rxvn-6pux-aaad Aliases: CVE-2019-2126	CVE-2019-2126 libvpx: Double free in ParseContentEncodingEntry() in mkvparser.cc	1.8.1-2 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-3fjw-74q5-aaah
Aliases:
CVE-2020-0034

In vp8_decode_frame of decodeframe.c, there is a possible out of bounds read due to improper input validation. This could lead to remote information disclosure if error correction were turned on, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1Android ID: A-62458770