Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-6349

A heap overflow vulnerability exists in libvpx - Encoding a frame that has larger dimensions than the originally configured size with VP9 may result in a heap overflow in libvpx. We recommend upgrading to version 1.13.1 or above

Published

2024-05-27T12:15:08.810

Last Modified

2025-07-22T20:08:40.183

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 7.5 (HIGH)

Weaknesses

Type: Secondary
CWE-122
Type: Primary
CWE-787

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	webmproject	libvpx	< 1.13.1	Yes

References

https://crbug.com/webm/1642 Exploit, Issue Tracking ([email protected])
https://crbug.com/webm/1642 Exploit, Issue Tracking (af854a3a-2127-422b-91ae-364da2661108)