This might be proprietary software.

#Vulnerabilities 4
Date Id Summary Products Score Patch Annotated
2023-09-28 CVE-2023-5217 Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Ipad_os, Iphone_os, Debian_linux, Fedora, Edge, Edge_chromium, Firefox, Firefox_esr, Firefox_focus, Thunderbird, Libvpx 8.8
2023-09-30 CVE-2023-44488 VP9 in libvpx before 1.13.1 mishandles widths, leading to a crash related to encoding. Debian_linux, Fedora, Enterprise_linux, Libvpx 7.5
2010-11-06 CVE-2010-4203 WebM libvpx (aka the VP8 Codec SDK) before 0.9.5, as used in Google Chrome before 7.0.517.44, allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via invalid frames. Chrome, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation, Libvpx 9.8
2012-02-23 CVE-2012-0823 VP8 Codec SDK (libvpx) before 1.0.0 "Duclair" allows remote attackers to cause a denial of service (application crash) via (1) unspecified "corrupt input" or (2) by "starting decoding from a P-frame," which triggers an out-of-bounds read, related to "the clamping of motion vectors in SPLITMV blocks". Libvpx N/A