UBUNTU-CVE-2019-9746

See a problem?
Please try reporting it to the source first.

Source

https://ubuntu.com/security/CVE-2019-9746

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2019/UBUNTU-CVE-2019-9746.json

JSON Data

https://api.osv.dev/v1/vulns/UBUNTU-CVE-2019-9746

Upstream

CVE-2019-9746

Published

2019-03-13T16:29:00Z

Modified

2025-07-14T06:34:15.170483Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- low

Summary

[none]

Details

In libwebm before 2019-03-08, a NULL pointer dereference caused by the functions OutputCluster and OutputTracks in webm_info.cc will trigger an abort, which allows a DoS attack, a similar issue to CVE-2018-19212.

References

Affected packages

Ubuntu:Pro:16.04:LTS / oxide-qt

Package

Name: oxide-qt
Purl: pkg:deb/ubuntu/oxide-qt@1.21.5-0ubuntu0.16.04.1?arch=source&distro=esm-infra/xenial

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

1.*

1.9.5-0ubuntu1

1.10.3-0ubuntu0.15.10.1

1.10.3-0ubuntu0.15.10.2

1.11.3-0ubuntu3

1.11.4-0ubuntu1

1.11.5-0ubuntu1

1.12.5-0ubuntu1

1.12.6-0ubuntu1

1.12.7-0ubuntu1

1.13.6-0ubuntu1

1.14.7-0ubuntu1

1.14.9-0ubuntu0.16.04.1

1.15.7-0ubuntu0.16.04.1

1.15.8-0ubuntu0.16.04.1

1.16.5-0ubuntu0.16.04.1

1.17.7-0ubuntu0.16.04.1

1.17.9-0ubuntu0.16.04.1

1.18.3-0ubuntu0.16.04.1

1.18.5-0ubuntu0.16.04.1

1.19.4-0ubuntu0.16.04.1

1.20.4-0ubuntu0.16.04.1

1.21.5-0ubuntu0.16.04.1

Ubuntu:Pro:18.04:LTS / qtwebengine-opensource-src

Package

Name: qtwebengine-opensource-src
Purl: pkg:deb/ubuntu/qtwebengine-opensource-src@5.9.5+dfsg-0ubuntu2?arch=source&distro=esm-apps/bionic

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

5.*

5.9.1+dfsg-4

5.9.1+dfsg-4ubuntu1

5.9.2+dfsg-2ubuntu1

5.9.3+dfsg-0ubuntu1

5.9.4+dfsg-0ubuntu1

5.9.5+dfsg-0ubuntu2

Ubuntu:Pro:20.04:LTS / qtwebengine-opensource-src

Package

Name: qtwebengine-opensource-src
Purl: pkg:deb/ubuntu/qtwebengine-opensource-src@5.12.8+dfsg-0ubuntu1.1?arch=source&distro=esm-apps/focal

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

5.*

5.12.4+dfsg-1ubuntu1

5.12.4+dfsg-1ubuntu3

5.12.5+dfsg-3ubuntu1

5.12.5+dfsg-6ubuntu2

5.12.5+dfsg-7

5.12.5+dfsg-7build1

5.12.8+dfsg-0ubuntu1

5.12.8+dfsg-0ubuntu1.1

Ubuntu:22.04:LTS / qtwebengine-opensource-src

Package

Name: qtwebengine-opensource-src
Purl: pkg:deb/ubuntu/qtwebengine-opensource-src@5.15.9+dfsg-1?arch=source&distro=jammy

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

5.*

5.15.6+dfsg-1

5.15.6+dfsg-2

5.15.7+dfsg-2

5.15.8+dfsg-1

5.15.8+dfsg-1build1

5.15.8+dfsg-1build2

5.15.8+dfsg-2

5.15.9+dfsg-1

Ubuntu:24.04:LTS / qtwebengine-opensource-src

Package

Name: qtwebengine-opensource-src
Purl: pkg:deb/ubuntu/qtwebengine-opensource-src@5.15.16+dfsg-3?arch=source&distro=noble

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

5.*

5.15.15+dfsg-2

5.15.15+dfsg-2build2

5.15.15+dfsg-2ubuntu1

5.15.16+dfsg-1

5.15.16+dfsg-1ubuntu2

5.15.16+dfsg-1ubuntu4

5.15.16+dfsg-3

Ubuntu:25.04 / qtwebengine-opensource-src

Package

Name: qtwebengine-opensource-src
Purl: pkg:deb/ubuntu/qtwebengine-opensource-src@5.15.18+dfsg-2?arch=source&distro=plucky

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

5.*

5.15.17+dfsg-4

5.15.17+dfsg-5

5.15.17+dfsg2-1

5.15.17+dfsg2-2

5.15.17+dfsg2-3

5.15.18+dfsg-1

5.15.18+dfsg-2