-
Byte Open Security
(ByteOS Network)
Log In
Sign Up
Vulnerability Details :
CVE-2023-44488
Summary
Similar CVEs
Assigner
-
mitre
Assigner Org ID
-
8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At
-
30 Sep, 2023 | 00:00
Updated At
-
23 Sep, 2024 | 16:15
Rejected At
-
Credits
VP9 in libvpx before 1.13.1 mishandles widths, leading to a crash related to encoding.
Vendors
-
Not available
Products
-
Metrics (CVSS)
Version
Base score
Base severity
Vector
Weaknesses
Attack Patterns
Solution/Workaround
References
Hyperlink
Resource Type
EPSS History
Score
Latest Score
-
N/A
Loading...
No data available for selected date range
Percentile
Latest Percentile
-
N/A
Loading...
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼
Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner
:
mitre
Assigner Org ID
:
8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At
:
30 Sep, 2023 | 00:00
Updated At
:
23 Sep, 2024 | 16:15
Rejected At
:
▼
CVE Numbering Authority (CNA)
VP9 in libvpx before 1.13.1 mishandles widths, leading to a crash related to encoding.
Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
n/a
Problem Types
Type
CWE ID
Description
text
N/A
n/a
Type:
text
CWE ID:
N/A
Description:
n/a
Metrics
Version
Base score
Base severity
Vector
Metrics Other Info
Impacts
CAPEC ID
Description
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
Event
Date
Replaced By
Rejected Reason
References
Hyperlink
Resource
https://github.com/webmproject/libvpx/commit/df9fd9d5b7325060b2b921558a1eb20ca7880937
N/A
https://github.com/webmproject/libvpx/commit/263682c9a29395055f3b3afe2d97be1828a6223f
N/A
https://github.com/webmproject/libvpx/compare/v1.13.0...v1.13.1
N/A
https://github.com/webmproject/libvpx/releases/tag/v1.13.1
N/A
http://www.openwall.com/lists/oss-security/2023/09/30/4
mailing-list
https://lists.debian.org/debian-lts-announce/2023/10/msg00001.html
mailing-list
https://bugzilla.redhat.com/show_bug.cgi?id=2241806
N/A
https://security.gentoo.org/glsa/202310-04
vendor-advisory
https://www.debian.org/security/2023/dsa-5518
vendor-advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TE7F54W5O5RS4ZMAAC7YK3CZWQXIDSKB/
vendor-advisory
Hyperlink:
https://github.com/webmproject/libvpx/commit/df9fd9d5b7325060b2b921558a1eb20ca7880937
Resource:
N/A
Hyperlink:
https://github.com/webmproject/libvpx/commit/263682c9a29395055f3b3afe2d97be1828a6223f
Resource:
N/A
Hyperlink:
https://github.com/webmproject/libvpx/compare/v1.13.0...v1.13.1
Resource:
N/A
Hyperlink:
https://github.com/webmproject/libvpx/releases/tag/v1.13.1
Resource:
N/A
Hyperlink:
http://www.openwall.com/lists/oss-security/2023/09/30/4
Resource:
mailing-list
Hyperlink:
https://lists.debian.org/debian-lts-announce/2023/10/msg00001.html
Resource:
mailing-list
Hyperlink:
https://bugzilla.redhat.com/show_bug.cgi?id=2241806
Resource:
N/A
Hyperlink:
https://security.gentoo.org/glsa/202310-04
Resource:
vendor-advisory
Hyperlink:
https://www.debian.org/security/2023/dsa-5518
Resource:
vendor-advisory
Hyperlink:
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TE7F54W5O5RS4ZMAAC7YK3CZWQXIDSKB/
Resource:
vendor-advisory
▼
Authorized Data Publishers (ADP)
1.
CVE Program Container
Affected Products
Metrics
Version
Base score
Base severity
Vector
Metrics Other Info
Impacts
CAPEC ID
Description
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
Event
Date
Replaced By
Rejected Reason
References
Hyperlink
Resource
https://github.com/webmproject/libvpx/commit/df9fd9d5b7325060b2b921558a1eb20ca7880937
x_transferred
https://github.com/webmproject/libvpx/commit/263682c9a29395055f3b3afe2d97be1828a6223f
x_transferred
https://github.com/webmproject/libvpx/compare/v1.13.0...v1.13.1
x_transferred
https://github.com/webmproject/libvpx/releases/tag/v1.13.1
x_transferred
http://www.openwall.com/lists/oss-security/2023/09/30/4
mailing-list
x_transferred
https://lists.debian.org/debian-lts-announce/2023/10/msg00001.html
mailing-list
x_transferred
https://bugzilla.redhat.com/show_bug.cgi?id=2241806
x_transferred
https://security.gentoo.org/glsa/202310-04
vendor-advisory
x_transferred
https://www.debian.org/security/2023/dsa-5518
vendor-advisory
x_transferred
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TE7F54W5O5RS4ZMAAC7YK3CZWQXIDSKB/
vendor-advisory
x_transferred
Hyperlink:
https://github.com/webmproject/libvpx/commit/df9fd9d5b7325060b2b921558a1eb20ca7880937
Resource:
x_transferred
Hyperlink:
https://github.com/webmproject/libvpx/commit/263682c9a29395055f3b3afe2d97be1828a6223f
Resource:
x_transferred
Hyperlink:
https://github.com/webmproject/libvpx/compare/v1.13.0...v1.13.1
Resource:
x_transferred
Hyperlink:
https://github.com/webmproject/libvpx/releases/tag/v1.13.1
Resource:
x_transferred
Hyperlink:
http://www.openwall.com/lists/oss-security/2023/09/30/4
Resource:
mailing-list
x_transferred
Hyperlink:
https://lists.debian.org/debian-lts-announce/2023/10/msg00001.html
Resource:
mailing-list
x_transferred
Hyperlink:
https://bugzilla.redhat.com/show_bug.cgi?id=2241806
Resource:
x_transferred
Hyperlink:
https://security.gentoo.org/glsa/202310-04
Resource:
vendor-advisory
x_transferred
Hyperlink:
https://www.debian.org/security/2023/dsa-5518
Resource:
vendor-advisory
x_transferred
Hyperlink:
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TE7F54W5O5RS4ZMAAC7YK3CZWQXIDSKB/
Resource:
vendor-advisory
x_transferred
2.
CISA ADP Vulnrichment
Affected Products
Metrics
Version
Base score
Base severity
Vector
Metrics Other Info
Impacts
CAPEC ID
Description
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
Event
Date
Replaced By
Rejected Reason
References
Hyperlink
Resource
Information is not available yet
▼
National Vulnerability Database (NVD)
nvd.nist.gov
Source
:
cve@mitre.org
Published At
:
30 Sep, 2023 | 20:15
Updated At
:
16 Nov, 2023 | 01:37
VP9 in libvpx before 1.13.1 mishandles widths, leading to a crash related to encoding.
CISA Catalog
Date Added
Due Date
Vulnerability Name
Required Action
N/A
Date Added:
N/A
Due Date:
N/A
Vulnerability Name:
N/A
Required Action:
N/A
Metrics
Type
Version
Base score
Base severity
Vector
Primary
3.1
7.5
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Type:
Primary
Version:
3.1
Base score:
7.5
Base severity:
HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CPE Matches
webmproject
webmproject
>>
libvpx
>>
Versions before 1.13.1(exclusive)
cpe:2.3:a:webmproject:libvpx:*:*:*:*:*:*:*:*
Red Hat, Inc.
redhat
>>
enterprise_linux
>>
8.0
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
Red Hat, Inc.
redhat
>>
enterprise_linux
>>
9.0
cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*
Debian GNU/Linux
debian
>>
debian_linux
>>
10.0
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
Debian GNU/Linux
debian
>>
debian_linux
>>
11.0
cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*
Debian GNU/Linux
debian
>>
debian_linux
>>
12.0
cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*
Fedora Project
fedoraproject
>>
fedora
>>
37
cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*
Load More
Weaknesses
CWE ID
Type
Source
CWE-755
Primary
nvd@nist.gov
CWE ID:
CWE-755
Type:
Primary
Source:
nvd@nist.gov
Evaluator Description
Evaluator Impact
Evaluator Solution
Vendor Statements
References
Hyperlink
Source
Resource
http://www.openwall.com/lists/oss-security/2023/09/30/4
cve@mitre.org
Mailing List
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2241806
cve@mitre.org
Issue Tracking
Patch
Third Party Advisory
https://github.com/webmproject/libvpx/commit/263682c9a29395055f3b3afe2d97be1828a6223f
cve@mitre.org
Patch
https://github.com/webmproject/libvpx/commit/df9fd9d5b7325060b2b921558a1eb20ca7880937
cve@mitre.org
Patch
https://github.com/webmproject/libvpx/compare/v1.13.0...v1.13.1
cve@mitre.org
Patch
https://github.com/webmproject/libvpx/releases/tag/v1.13.1
cve@mitre.org
Release Notes
https://lists.debian.org/debian-lts-announce/2023/10/msg00001.html
cve@mitre.org
Mailing List
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TE7F54W5O5RS4ZMAAC7YK3CZWQXIDSKB/
cve@mitre.org
Mailing List
Third Party Advisory
https://security.gentoo.org/glsa/202310-04
cve@mitre.org
Third Party Advisory
https://www.debian.org/security/2023/dsa-5518
cve@mitre.org
Third Party Advisory
Hyperlink:
http://www.openwall.com/lists/oss-security/2023/09/30/4
Source:
cve@mitre.org
Resource:
Mailing List
Third Party Advisory
Hyperlink:
https://bugzilla.redhat.com/show_bug.cgi?id=2241806
Source:
cve@mitre.org
Resource:
Issue Tracking
Patch
Third Party Advisory
Hyperlink:
https://github.com/webmproject/libvpx/commit/263682c9a29395055f3b3afe2d97be1828a6223f
Source:
cve@mitre.org
Resource:
Patch
Hyperlink:
https://github.com/webmproject/libvpx/commit/df9fd9d5b7325060b2b921558a1eb20ca7880937
Source:
cve@mitre.org
Resource:
Patch
Hyperlink:
https://github.com/webmproject/libvpx/compare/v1.13.0...v1.13.1
Source:
cve@mitre.org
Resource:
Patch
Hyperlink:
https://github.com/webmproject/libvpx/releases/tag/v1.13.1
Source:
cve@mitre.org
Resource:
Release Notes
Hyperlink:
https://lists.debian.org/debian-lts-announce/2023/10/msg00001.html
Source:
cve@mitre.org
Resource:
Mailing List
Hyperlink:
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TE7F54W5O5RS4ZMAAC7YK3CZWQXIDSKB/
Source:
cve@mitre.org
Resource:
Mailing List
Third Party Advisory
Hyperlink:
https://security.gentoo.org/glsa/202310-04
Source:
cve@mitre.org
Resource:
Third Party Advisory
Hyperlink:
https://www.debian.org/security/2023/dsa-5518
Source:
cve@mitre.org
Resource:
Third Party Advisory
Change History
0
Information is not available yet
Similar CVEs
0
Records found
Details not found