Nixpkgs Security Tracker

Untriaged

Permalink CVE-2023-6349

created 6 months ago

Heap overflow in libvpx

A heap overflow vulnerability exists in libvpx - Encoding a frame that has larger dimensions than the originally configured size with VP9 may result in a heap overflow in libvpx. We recommend upgrading to version 1.13.1 or above

References

https://crbug.com/webm/1642
https://crbug.com/webm/1642
https://crbug.com/webm/1642 x_transferred

Affected products

libvpx

<1.13.1

Matching in nixpkgs

pkgs.libvpx

WebM VP8/VP9 codec SDK

nixos-unstable -
- nixpkgs-unstable 1.15.2

Package maintainers

@codyopel Cody Opel <codyopel@gmail.com>

Suggestion detail

References

Affected products

Matching in nixpkgs

pkgs.libvpx

Package maintainers