It was discovered that libvpx did not properly handle certain malformed WebM media files. If an application using libvpx opened a specially crafted WebM file, a remote attacker could cause a denial of service, or possibly execute arbitrary code.
{ "binaries": [ { "binary_name": "libvpx-dev", "binary_version": "1.7.0-3ubuntu0.18.04.1" }, { "binary_name": "libvpx5", "binary_version": "1.7.0-3ubuntu0.18.04.1" }, { "binary_name": "vpx-tools", "binary_version": "1.7.0-3ubuntu0.18.04.1" } ], "availability": "No subscription required" }