Lucene search
Veracode Vulnerability DatabaseVERACODE:22278HistoryJan 10, 2020 - 6:24 a.m.
Remote Code Execution
2020-01-1006:24:46
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
15
EPSS
0.008
Percentile
81.9%
libvpx.so is vulnerable to remote code execution. The ParseContentEncodingEntry function of mkvparser.cc does not reset of a freed pointer. causing a double free memory corruption and subsequently allowing to trigger a remote code execution.
References
lists.opensuse.org/opensuse-security-announce/2020-01/msg00049.html
bugzilla.redhat.com/show_bug.cgi?id=1789008
github.com/webmproject/libvpx/commit/6a7c84a2449dcc70de2525df209afea908622399
lists.fedoraproject.org/archives/list/[email protected]/message/DQSTK442ATWJOR4TU3MR6C3N5A6NDFFN/
lists.fedoraproject.org/archives/list/[email protected]/message/U2IIA3RSYABBUCFIHXIRVUT5CTJVWWZ6/
source.android.com/security/bulletin/2019-08-01
usn.ubuntu.com/4199-1/
Related
cvelist
cvelist
CVE-2019-2126
2019-08-20 19:49:04
cve
cve
CVE-2019-2126
2019-08-20 20:15:12
prion
prion
Double free
2019-08-20 20:15:00
redhatcve
redhatcve
CVE-2019-2126
2020-01-08 15:14:02
nvd
nvd
CVE-2019-2126
2019-08-20 20:15:12
ubuntucve
ubuntucve
CVE-2019-2126
2019-08-20 00:00:00
openvas
openvas
Mageia: Security Advisory (MGASA-2019-0369)
2022-01-28 00:00:00
Huawei EulerOS: Security Advisory for libvpx (EulerOS-SA-2020-1867)
2020-08-31 00:00:00
openSUSE: Security Advisory for libvpx (openSUSE-SU-2020:0105_1)
2020-01-27 00:00:00
mageia
mageia
Updated libvpx packages fix security vulnerabilities
2019-12-06 17:15:42
nessus
nessus
EulerOS 2.0 SP8 : libvpx (EulerOS-SA-2020-1867)
2020-08-28 00:00:00
NewStart CGSL MAIN 6.02 : libvpx Multiple Vulnerabilities (NS-SA-2021-0060)
2021-03-10 00:00:00
Oracle Linux 8 : libvpx (ELSA-2020-4629)
2020-11-12 00:00:00
oraclelinux
oraclelinux
libvpx security update
2020-11-10 00:00:00
osv
osv
Moderate: libvpx security update
2020-11-03 12:21:50
Moderate: libvpx security update
2020-11-03 12:21:50
redhat
redhat
(RHSA-2020:4629) Moderate: libvpx security update
2020-11-03 12:21:50
almalinux
almalinux
Moderate: libvpx security update
2020-11-03 12:21:50
rocky
rocky
libvpx security update
2020-11-03 12:21:50
suse
suse
Security update for libvpx (important)
2020-01-26 00:00:00
fedora
fedora
[SECURITY] Fedora 31 Update: libvpx-1.8.2-1.fc31
2020-01-13 02:21:23
[SECURITY] Fedora 30 Update: libvpx-1.8.2-1.fc30
2020-01-24 18:51:39
cloudfoundry
cloudfoundry
USN-4199-1: libvpx vulnerabilities | Cloud Foundry
2019-12-05 00:00:00
ubuntu
ubuntu
libvpx vulnerabilities
2019-11-25 00:00:00