Vulnerability-Lookup

CVE-2019-9371 (GCVE-0-2019-9371)

Vulnerability from cvelistv5 – Published: 2019-09-27 18:05 – Updated: 2024-08-04 21:46

Summary

In libvpx, there is a possible resource exhaustion due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-132783254

Severity ?

No CVSS data available.

CWE

Denial of service

Assigner

google_android

References

URL

	Vendor	Product	Version
	n/a	Android	Affected: Android-10

CERTFR-2019-AVI-405

Vulnerability from certfr_avis - Published: 2019-08-21 - Updated: 2019-08-21

De multiples vulnérabilités ont été découvertes dans Google Android. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Google	Android	Android version Q sans le correctif de sécurité 2019-09-01

References

Title

Publication Time

Tags

Bulletin de sécurité Android du 20 août 2019

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Android version Q sans le correctif de s\u00e9curit\u00e9 2019-09-01",
      "product": {
        "name": "Android",
        "vendor": {
          "name": "Google",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2019-9348",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9348"
    },
    {
      "name": "CVE-2019-9352",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9352"
    },
    {
      "name": "CVE-2019-9350",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9350"
    },
    {
      "name": "CVE-2019-9427",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9427"
    },
    {
      "name": "CVE-2019-9397",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9397"
    },
    {
      "name": "CVE-2019-9256",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9256"
    },
    {
      "name": "CVE-2019-9344",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9344"
    },
    {
      "name": "CVE-2019-9252",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9252"
    },
    {
      "name": "CVE-2019-2059",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2059"
    },
    {
      "name": "CVE-2019-2169",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2169"
    },
    {
      "name": "CVE-2019-2071",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2071"
    },
    {
      "name": "CVE-2019-2142",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2142"
    },
    {
      "name": "CVE-2019-9407",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9407"
    },
    {
      "name": "CVE-2019-9302",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9302"
    },
    {
      "name": "CVE-2019-9281",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9281"
    },
    {
      "name": "CVE-2019-9423",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9423"
    },
    {
      "name": "CVE-2019-9405",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9405"
    },
    {
      "name": "CVE-2019-2159",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2159"
    },
    {
      "name": "CVE-2019-9388",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9388"
    },
    {
      "name": "CVE-2019-9363",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9363"
    },
    {
      "name": "CVE-2019-9404",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9404"
    },
    {
      "name": "CVE-2019-9424",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9424"
    },
    {
      "name": "CVE-2019-9411",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9411"
    },
    {
      "name": "CVE-2019-9354",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9354"
    },
    {
      "name": "CVE-2019-2063",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2063"
    },
    {
      "name": "CVE-2019-2087",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2087"
    },
    {
      "name": "CVE-2019-9359",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9359"
    },
    {
      "name": "CVE-2019-9356",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9356"
    },
    {
      "name": "CVE-2019-2155",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2155"
    },
    {
      "name": "CVE-2019-9460",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9460"
    },
    {
      "name": "CVE-2019-9387",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9387"
    },
    {
      "name": "CVE-2019-9367",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9367"
    },
    {
      "name": "CVE-2019-9317",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9317"
    },
    {
      "name": "CVE-2019-2069",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2069"
    },
    {
      "name": "CVE-2019-9307",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9307"
    },
    {
      "name": "CVE-2019-9389",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9389"
    },
    {
      "name": "CVE-2019-2077",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2077"
    },
    {
      "name": "CVE-2019-9272",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9272"
    },
    {
      "name": "CVE-2019-2162",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2162"
    },
    {
      "name": "CVE-2019-9334",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9334"
    },
    {
      "name": "CVE-2019-9385",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9385"
    },
    {
      "name": "CVE-2019-9362",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9362"
    },
    {
      "name": "CVE-2019-9262",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9262"
    },
    {
      "name": "CVE-2019-9360",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9360"
    },
    {
      "name": "CVE-2019-2070",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2070"
    },
    {
      "name": "CVE-2019-9406",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9406"
    },
    {
      "name": "CVE-2019-9284",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9284"
    },
    {
      "name": "CVE-2019-9236",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9236"
    },
    {
      "name": "CVE-2019-2148",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2148"
    },
    {
      "name": "CVE-2019-2157",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2157"
    },
    {
      "name": "CVE-2019-9314",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9314"
    },
    {
      "name": "CVE-2019-9412",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9412"
    },
    {
      "name": "CVE-2019-2062",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2062"
    },
    {
      "name": "CVE-2019-9246",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9246"
    },
    {
      "name": "CVE-2019-9300",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9300"
    },
    {
      "name": "CVE-2019-9459",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9459"
    },
    {
      "name": "CVE-2019-9383",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9383"
    },
    {
      "name": "CVE-2019-9292",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9292"
    },
    {
      "name": "CVE-2019-9322",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9322"
    },
    {
      "name": "CVE-2019-9311",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9311"
    },
    {
      "name": "CVE-2019-9377",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9377"
    },
    {
      "name": "CVE-2019-9303",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9303"
    },
    {
      "name": "CVE-2019-9429",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9429"
    },
    {
      "name": "CVE-2019-9290",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9290"
    },
    {
      "name": "CVE-2019-9361",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9361"
    },
    {
      "name": "CVE-2019-9319",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9319"
    },
    {
      "name": "CVE-2019-9365",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9365"
    },
    {
      "name": "CVE-2019-2073",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2073"
    },
    {
      "name": "CVE-2019-9434",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9434"
    },
    {
      "name": "CVE-2019-9433",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9433"
    },
    {
      "name": "CVE-2019-9326",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9326"
    },
    {
      "name": "CVE-2019-9313",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9313"
    },
    {
      "name": "CVE-2019-9413",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9413"
    },
    {
      "name": "CVE-2019-9232",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9232"
    },
    {
      "name": "CVE-2019-9277",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9277"
    },
    {
      "name": "CVE-2019-9364",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9364"
    },
    {
      "name": "CVE-2019-9419",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9419"
    },
    {
      "name": "CVE-2019-9422",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9422"
    },
    {
      "name": "CVE-2019-9430",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9430"
    },
    {
      "name": "CVE-2019-2072",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2072"
    },
    {
      "name": "CVE-2019-2141",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2141"
    },
    {
      "name": "CVE-2019-9349",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9349"
    },
    {
      "name": "CVE-2019-9297",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9297"
    },
    {
      "name": "CVE-2019-9255",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9255"
    },
    {
      "name": "CVE-2019-9332",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9332"
    },
    {
      "name": "CVE-2019-2153",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2153"
    },
    {
      "name": "CVE-2019-2067",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2067"
    },
    {
      "name": "CVE-2019-2163",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2163"
    },
    {
      "name": "CVE-2019-9264",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9264"
    },
    {
      "name": "CVE-2019-2138",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2138"
    },
    {
      "name": "CVE-2019-2166",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2166"
    },
    {
      "name": "CVE-2019-9374",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9374"
    },
    {
      "name": "CVE-2019-9366",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9366"
    },
    {
      "name": "CVE-2019-2081",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2081"
    },
    {
      "name": "CVE-2019-9265",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9265"
    },
    {
      "name": "CVE-2019-9253",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9253"
    },
    {
      "name": "CVE-2019-9382",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9382"
    },
    {
      "name": "CVE-2019-9309",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9309"
    },
    {
      "name": "CVE-2019-2150",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2150"
    },
    {
      "name": "CVE-2019-9321",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9321"
    },
    {
      "name": "CVE-2019-2139",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2139"
    },
    {
      "name": "CVE-2019-9410",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9410"
    },
    {
      "name": "CVE-2019-2078",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2078"
    },
    {
      "name": "CVE-2019-2140",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2140"
    },
    {
      "name": "CVE-2019-9280",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9280"
    },
    {
      "name": "CVE-2019-2080",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2080"
    },
    {
      "name": "CVE-2019-9241",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9241"
    },
    {
      "name": "CVE-2019-2145",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2145"
    },
    {
      "name": "CVE-2019-2172",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2172"
    },
    {
      "name": "CVE-2019-9432",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9432"
    },
    {
      "name": "CVE-2019-2074",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2074"
    },
    {
      "name": "CVE-2019-9395",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9395"
    },
    {
      "name": "CVE-2019-9381",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9381"
    },
    {
      "name": "CVE-2019-9263",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9263"
    },
    {
      "name": "CVE-2019-9414",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9414"
    },
    {
      "name": "CVE-2019-9257",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9257"
    },
    {
      "name": "CVE-2019-2160",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2160"
    },
    {
      "name": "CVE-2019-9323",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9323"
    },
    {
      "name": "CVE-2019-9435",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9435"
    },
    {
      "name": "CVE-2019-2066",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2066"
    },
    {
      "name": "CVE-2019-9269",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9269"
    },
    {
      "name": "CVE-2019-9392",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9392"
    },
    {
      "name": "CVE-2019-9312",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9312"
    },
    {
      "name": "CVE-2019-2082",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2082"
    },
    {
      "name": "CVE-2019-2154",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2154"
    },
    {
      "name": "CVE-2019-9286",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9286"
    },
    {
      "name": "CVE-2019-9261",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9261"
    },
    {
      "name": "CVE-2019-9420",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9420"
    },
    {
      "name": "CVE-2019-9342",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9342"
    },
    {
      "name": "CVE-2019-9390",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9390"
    },
    {
      "name": "CVE-2019-2147",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2147"
    },
    {
      "name": "CVE-2019-2064",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2064"
    },
    {
      "name": "CVE-2019-9247",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9247"
    },
    {
      "name": "CVE-2019-9258",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9258"
    },
    {
      "name": "CVE-2019-2164",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2164"
    },
    {
      "name": "CVE-2019-9331",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9331"
    },
    {
      "name": "CVE-2019-2084",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2084"
    },
    {
      "name": "CVE-2019-9335",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9335"
    },
    {
      "name": "CVE-2019-9250",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9250"
    },
    {
      "name": "CVE-2019-2055",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2055"
    },
    {
      "name": "CVE-2019-9308",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9308"
    },
    {
      "name": "CVE-2019-9379",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9379"
    },
    {
      "name": "CVE-2019-9242",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9242"
    },
    {
      "name": "CVE-2019-9353",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9353"
    },
    {
      "name": "CVE-2019-2083",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2083"
    },
    {
      "name": "CVE-2019-2079",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2079"
    },
    {
      "name": "CVE-2019-9337",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9337"
    },
    {
      "name": "CVE-2019-9237",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9237"
    },
    {
      "name": "CVE-2019-9283",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9283"
    },
    {
      "name": "CVE-2019-9234",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9234"
    },
    {
      "name": "CVE-2019-9243",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9243"
    },
    {
      "name": "CVE-2019-9259",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9259"
    },
    {
      "name": "CVE-2019-9310",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9310"
    },
    {
      "name": "CVE-2019-9301",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9301"
    },
    {
      "name": "CVE-2019-9279",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9279"
    },
    {
      "name": "CVE-2019-9369",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9369"
    },
    {
      "name": "CVE-2019-2065",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2065"
    },
    {
      "name": "CVE-2019-9299",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9299"
    },
    {
      "name": "CVE-2019-9235",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9235"
    },
    {
      "name": "CVE-2019-9346",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9346"
    },
    {
      "name": "CVE-2019-9376",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9376"
    },
    {
      "name": "CVE-2019-9370",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9370"
    },
    {
      "name": "CVE-2019-9289",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9289"
    },
    {
      "name": "CVE-2019-9329",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9329"
    },
    {
      "name": "CVE-2019-9327",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9327"
    },
    {
      "name": "CVE-2018-9489",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-9489"
    },
    {
      "name": "CVE-2019-9402",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9402"
    },
    {
      "name": "CVE-2019-2144",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2144"
    },
    {
      "name": "CVE-2019-9398",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9398"
    },
    {
      "name": "CVE-2019-9315",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9315"
    },
    {
      "name": "CVE-2019-9338",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9338"
    },
    {
      "name": "CVE-2019-9415",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9415"
    },
    {
      "name": "CVE-2019-9440",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9440"
    },
    {
      "name": "CVE-2019-9287",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9287"
    },
    {
      "name": "CVE-2019-9285",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9285"
    },
    {
      "name": "CVE-2019-9320",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9320"
    },
    {
      "name": "CVE-2019-9316",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9316"
    },
    {
      "name": "CVE-2019-9233",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9233"
    },
    {
      "name": "CVE-2019-9355",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9355"
    },
    {
      "name": "CVE-2019-2152",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2152"
    },
    {
      "name": "CVE-2019-2165",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2165"
    },
    {
      "name": "CVE-2019-9380",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9380"
    },
    {
      "name": "CVE-2019-9368",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9368"
    },
    {
      "name": "CVE-2019-9372",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9372"
    },
    {
      "name": "CVE-2019-9318",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9318"
    },
    {
      "name": "CVE-2019-9403",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9403"
    },
    {
      "name": "CVE-2018-9425",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-9425"
    },
    {
      "name": "CVE-2019-9244",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9244"
    },
    {
      "name": "CVE-2019-9295",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9295"
    },
    {
      "name": "CVE-2019-9306",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9306"
    },
    {
      "name": "CVE-2019-9375",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9375"
    },
    {
      "name": "CVE-2019-2146",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2146"
    },
    {
      "name": "CVE-2019-2068",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2068"
    },
    {
      "name": "CVE-2019-2171",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2171"
    },
    {
      "name": "CVE-2019-9268",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9268"
    },
    {
      "name": "CVE-2019-9400",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9400"
    },
    {
      "name": "CVE-2019-9336",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9336"
    },
    {
      "name": "CVE-2019-9416",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9416"
    },
    {
      "name": "CVE-2019-9438",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9438"
    },
    {
      "name": "CVE-2019-9343",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9343"
    },
    {
      "name": "CVE-2019-9401",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9401"
    },
    {
      "name": "CVE-2019-2167",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2167"
    },
    {
      "name": "CVE-2019-9288",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9288"
    },
    {
      "name": "CVE-2019-9238",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9238"
    },
    {
      "name": "CVE-2019-9333",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9333"
    },
    {
      "name": "CVE-2019-9347",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9347"
    },
    {
      "name": "CVE-2019-9325",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9325"
    },
    {
      "name": "CVE-2019-2075",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2075"
    },
    {
      "name": "CVE-2019-9240",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9240"
    },
    {
      "name": "CVE-2019-2149",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2149"
    },
    {
      "name": "CVE-2019-9294",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9294"
    },
    {
      "name": "CVE-2019-9421",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9421"
    },
    {
      "name": "CVE-2019-9239",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9239"
    },
    {
      "name": "CVE-2019-9341",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9341"
    },
    {
      "name": "CVE-2019-2156",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2156"
    },
    {
      "name": "CVE-2019-9418",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9418"
    },
    {
      "name": "CVE-2019-9304",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9304"
    },
    {
      "name": "CVE-2019-2158",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2158"
    },
    {
      "name": "CVE-2019-2061",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2061"
    },
    {
      "name": "CVE-2019-9328",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9328"
    },
    {
      "name": "CVE-2019-9409",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9409"
    },
    {
      "name": "CVE-2019-9251",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9251"
    },
    {
      "name": "CVE-2019-9386",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9386"
    },
    {
      "name": "CVE-2019-9378",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9378"
    },
    {
      "name": "CVE-2019-9357",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9357"
    },
    {
      "name": "CVE-2019-9266",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9266"
    },
    {
      "name": "CVE-2019-9431",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9431"
    },
    {
      "name": "CVE-2019-2143",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2143"
    },
    {
      "name": "CVE-2019-2168",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2168"
    },
    {
      "name": "CVE-2019-9417",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9417"
    },
    {
      "name": "CVE-2019-9394",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9394"
    },
    {
      "name": "CVE-2019-9282",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9282"
    },
    {
      "name": "CVE-2019-9391",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9391"
    },
    {
      "name": "CVE-2019-2170",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2170"
    },
    {
      "name": "CVE-2019-9291",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9291"
    },
    {
      "name": "CVE-2019-9296",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9296"
    },
    {
      "name": "CVE-2019-9351",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9351"
    },
    {
      "name": "CVE-2019-2076",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2076"
    },
    {
      "name": "CVE-2019-2086",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2086"
    },
    {
      "name": "CVE-2019-9399",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9399"
    },
    {
      "name": "CVE-2019-2151",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2151"
    },
    {
      "name": "CVE-2019-9425",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9425"
    },
    {
      "name": "CVE-2019-9384",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9384"
    },
    {
      "name": "CVE-2019-9408",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9408"
    },
    {
      "name": "CVE-2019-9305",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9305"
    },
    {
      "name": "CVE-2019-2085",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2085"
    },
    {
      "name": "CVE-2019-9249",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9249"
    },
    {
      "name": "CVE-2019-9330",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9330"
    },
    {
      "name": "CVE-2019-9260",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9260"
    },
    {
      "name": "CVE-2019-2060",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2060"
    },
    {
      "name": "CVE-2019-9396",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9396"
    },
    {
      "name": "CVE-2019-9293",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9293"
    },
    {
      "name": "CVE-2019-9428",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9428"
    },
    {
      "name": "CVE-2019-9358",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9358"
    },
    {
      "name": "CVE-2019-9371",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9371"
    },
    {
      "name": "CVE-2019-9393",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9393"
    },
    {
      "name": "CVE-2019-2161",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2161"
    },
    {
      "name": "CVE-2019-9278",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9278"
    },
    {
      "name": "CVE-2019-9373",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9373"
    },
    {
      "name": "CVE-2019-9298",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9298"
    }
  ],
  "initial_release_date": "2019-08-21T00:00:00",
  "last_revision_date": "2019-08-21T00:00:00",
  "links": [],
  "reference": "CERTFR-2019-AVI-405",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2019-08-21T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Google Android.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance\net une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Google Android",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Android du 20 ao\u00fbt 2019",
      "url": "https://source.android.com/security/bulletin/android-q.html"
    }
  ]
}

CVE-2019-9371

Vulnerability from osv_almalinux

Published

2020-11-03 12:21

Modified

2021-11-12 10:20

Summary

Moderate: libvpx security update

Details

The libvpx packages provide the VP8 SDK, which allows the encoding and decoding of the VP8 video codec, commonly used with the WebM multimedia container file format.

Security Fix(es):

libvpx: Double free in ParseContentEncodingEntry() in mkvparser.cc (CVE-2019-2126)
libvpx: Out of bounds read in vp8_norm table (CVE-2019-9232)
libvpx: Resource exhaustion after memory leak in mkvparser.cc (CVE-2019-9371)
libvpx: Use-after-free in vp8_deblock() in vp8/common/postproc.c (CVE-2019-9433)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "libvpx"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.7.0-8.el8"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "libvpx-devel"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.7.0-8.el8"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "details": "The libvpx packages provide the VP8 SDK, which allows the encoding and decoding of the VP8 video codec, commonly used with the WebM multimedia container file format.\n\nSecurity Fix(es):\n\n* libvpx: Double free in ParseContentEncodingEntry() in mkvparser.cc (CVE-2019-2126)\n\n* libvpx: Out of bounds read in vp8_norm table (CVE-2019-9232)\n\n* libvpx: Resource exhaustion after memory leak in mkvparser.cc (CVE-2019-9371)\n\n* libvpx: Use-after-free in vp8_deblock() in vp8/common/postproc.c (CVE-2019-9433)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.",
  "id": "ALSA-2020:4629",
  "modified": "2021-11-12T10:20:56Z",
  "published": "2020-11-03T12:21:50Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://errata.almalinux.org/8/ALSA-2020-4629.html"
    },
    {
      "type": "REPORT",
      "url": "https://vulners.com/cve/CVE-2019-2126"
    },
    {
      "type": "REPORT",
      "url": "https://vulners.com/cve/CVE-2019-9232"
    },
    {
      "type": "REPORT",
      "url": "https://vulners.com/cve/CVE-2019-9371"
    },
    {
      "type": "REPORT",
      "url": "https://vulners.com/cve/CVE-2019-9433"
    }
  ],
  "related": [
    "CVE-2019-2126",
    "CVE-2019-9232",
    "CVE-2019-9371",
    "CVE-2019-9433"
  ],
  "summary": "Moderate: libvpx security update"
}

CNVD-2019-40055

Vulnerability from cnvd - Published: 2019-11-08

Title

Google Android Media Framework拒绝服务漏洞（CNVD-2019-40055）

Description

Android是美国谷歌（Google）和开放手持设备联盟（简称OHA）的一套以Linux为基础的开源操作系统。Media Framework是其中的一个多媒体开发框架。 Android中的Media framework存在拒绝服务漏洞。攻击者可利用该漏洞造成拒绝服务。

Severity

高

Patch Name

Google Android Media Framework拒绝服务漏洞（CNVD-2019-40055）的补丁

Patch Description

Android是美国谷歌（Google）和开放手持设备联盟（简称OHA）的一套以Linux为基础的开源操作系统。Media Framework是其中的一个多媒体开发框架。 Android中的Media framework存在拒绝服务漏洞。攻击者可利用该漏洞造成拒绝服务。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

目前厂商已经发布了升级补丁以修复此安全问题，补丁获取链接： https://source.android.com/security/bulletin/android-q.html

Reference

https://source.android.com/security/bulletin/android-q.html

Impacted products

Name
Google Android 10

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2019-9371",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2019-9371"
    }
  },
  "description": "Android\u662f\u7f8e\u56fd\u8c37\u6b4c\uff08Google\uff09\u548c\u5f00\u653e\u624b\u6301\u8bbe\u5907\u8054\u76df\uff08\u7b80\u79f0OHA\uff09\u7684\u4e00\u5957\u4ee5Linux\u4e3a\u57fa\u7840\u7684\u5f00\u6e90\u64cd\u4f5c\u7cfb\u7edf\u3002Media Framework\u662f\u5176\u4e2d\u7684\u4e00\u4e2a\u591a\u5a92\u4f53\u5f00\u53d1\u6846\u67b6\u3002\n\nAndroid\u4e2d\u7684Media framework\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\u3002",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6b64\u5b89\u5168\u95ee\u9898\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://source.android.com/security/bulletin/android-q.html",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2019-40055",
  "openTime": "2019-11-08",
  "patchDescription": "Android\u662f\u7f8e\u56fd\u8c37\u6b4c\uff08Google\uff09\u548c\u5f00\u653e\u624b\u6301\u8bbe\u5907\u8054\u76df\uff08\u7b80\u79f0OHA\uff09\u7684\u4e00\u5957\u4ee5Linux\u4e3a\u57fa\u7840\u7684\u5f00\u6e90\u64cd\u4f5c\u7cfb\u7edf\u3002Media Framework\u662f\u5176\u4e2d\u7684\u4e00\u4e2a\u591a\u5a92\u4f53\u5f00\u53d1\u6846\u67b6\u3002\r\n\r\nAndroid\u4e2d\u7684Media framework\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Google Android Media Framework\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff08CNVD-2019-40055\uff09\u7684\u8865\u4e01",
  "products": {
    "product": "Google Android 10"
  },
  "referenceLink": "https://source.android.com/security/bulletin/android-q.html",
  "serverity": "\u9ad8",
  "submitTime": "2019-08-27",
  "title": "Google Android Media Framework\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff08CNVD-2019-40055\uff09"
}

FKIE_CVE-2019-9371

Vulnerability from fkie_nvd - Published: 2019-09-27 19:15 - Updated: 2024-11-21 04:51

Severity ?

6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Summary

References

URL	Tags
security@android.com	http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00049.html	Mailing List, Third Party Advisory
security@android.com	http://www.openwall.com/lists/oss-security/2019/10/25/17	Mailing List
security@android.com	http://www.openwall.com/lists/oss-security/2019/10/27/1	Mailing List
security@android.com	http://www.openwall.com/lists/oss-security/2019/11/07/1	Mailing List
security@android.com	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DQSTK442ATWJOR4TU3MR6C3N5A6NDFFN/
security@android.com	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U2IIA3RSYABBUCFIHXIRVUT5CTJVWWZ6/
security@android.com	https://seclists.org/bugtraq/2019/Nov/43	Mailing List, Third Party Advisory
security@android.com	https://security.gentoo.org/glsa/202003-59	Third Party Advisory
security@android.com	https://source.android.com/security/bulletin/android-10	Vendor Advisory
security@android.com	https://usn.ubuntu.com/4199-1/	Third Party Advisory
security@android.com	https://www.debian.org/security/2019/dsa-4578	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00049.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2019/10/25/17	Mailing List
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2019/10/27/1	Mailing List
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2019/11/07/1	Mailing List
af854a3a-2127-422b-91ae-364da2661108	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DQSTK442ATWJOR4TU3MR6C3N5A6NDFFN/
af854a3a-2127-422b-91ae-364da2661108	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U2IIA3RSYABBUCFIHXIRVUT5CTJVWWZ6/
af854a3a-2127-422b-91ae-364da2661108	https://seclists.org/bugtraq/2019/Nov/43	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://security.gentoo.org/glsa/202003-59	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://source.android.com/security/bulletin/android-10	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://usn.ubuntu.com/4199-1/	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.debian.org/security/2019/dsa-4578	Third Party Advisory

Impacted products

Vendor	Product	Version
google	android	10.0
opensuse	leap	15.1
fedoraproject	fedora	30
fedoraproject	fedora	31
debian	debian_linux	9.0
debian	debian_linux	10.0
canonical	ubuntu_linux	16.04
canonical	ubuntu_linux	18.04
canonical	ubuntu_linux	19.04

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B620311B-34A3-48A6-82DF-6F078D7A4493",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*",
              "matchCriteriaId": "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*",
              "matchCriteriaId": "80F0FA5D-8D3B-4C0E-81E2-87998286AF33",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*",
              "matchCriteriaId": "7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
              "matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD783B0C-9246-47D9-A937-6144FE8BFF0F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In libvpx, there is a possible resource exhaustion due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-132783254"
    },
    {
      "lang": "es",
      "value": "En libvpx, se presenta un posible agotamiento de recursos debido a una comprobaci\u00f3n de entrada inapropiada. Esto podr\u00eda conllevar a una denegaci\u00f3n de servicio remota sin ser necesarios privilegios de ejecuci\u00f3n adicionales. Es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. Producto: Android, Versiones: Android-10, ID de Android: A-132783254"
    }
  ],
  "id": "CVE-2019-9371",
  "lastModified": "2024-11-21T04:51:31.087",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.1,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-09-27T19:15:24.703",
  "references": [
    {
      "source": "security@android.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00049.html"
    },
    {
      "source": "security@android.com",
      "tags": [
        "Mailing List"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2019/10/25/17"
    },
    {
      "source": "security@android.com",
      "tags": [
        "Mailing List"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2019/10/27/1"
    },
    {
      "source": "security@android.com",
      "tags": [
        "Mailing List"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2019/11/07/1"
    },
    {
      "source": "security@android.com",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DQSTK442ATWJOR4TU3MR6C3N5A6NDFFN/"
    },
    {
      "source": "security@android.com",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U2IIA3RSYABBUCFIHXIRVUT5CTJVWWZ6/"
    },
    {
      "source": "security@android.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://seclists.org/bugtraq/2019/Nov/43"
    },
    {
      "source": "security@android.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.gentoo.org/glsa/202003-59"
    },
    {
      "source": "security@android.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://source.android.com/security/bulletin/android-10"
    },
    {
      "source": "security@android.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://usn.ubuntu.com/4199-1/"
    },
    {
      "source": "security@android.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.debian.org/security/2019/dsa-4578"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00049.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2019/10/25/17"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2019/10/27/1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2019/11/07/1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DQSTK442ATWJOR4TU3MR6C3N5A6NDFFN/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U2IIA3RSYABBUCFIHXIRVUT5CTJVWWZ6/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://seclists.org/bugtraq/2019/Nov/43"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.gentoo.org/glsa/202003-59"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://source.android.com/security/bulletin/android-10"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://usn.ubuntu.com/4199-1/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.debian.org/security/2019/dsa-4578"
    }
  ],
  "sourceIdentifier": "security@android.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2019-9371

Vulnerability from fstec - Published: 27.09.2019

Title

Уязвимость библиотеки мультимедиа libvpx, связанная с недостаточной проверкой вводимых данных, позволяющая нарушителю вызвать отказ в обслуживании

Description

Уязвимость библиотеки мультимедиа libvpx связана с недостаточной проверкой вводимых данных. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, вызвать отказ в обслуживании

Severity ?


                    
                      AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Vendor

Canonical Ltd., Сообщество свободного программного обеспечения, Red Hat Inc., Novell Inc., Fedora Project, The WebM Project, АО «Концерн ВНИИНС»

Software Name

Ubuntu, Debian GNU/Linux, Red Hat Enterprise Linux, OpenSUSE Leap, Fedora, libvpx, ОС ОН «Стрелец» (запись в едином реестре российских программ №6177)

Software Version

16.04 LTS (Ubuntu), 9 (Debian GNU/Linux), 18.04 LTS (Ubuntu), 19.04 (Ubuntu), 8 (Red Hat Enterprise Linux), 15.1 (OpenSUSE Leap), 30 (Fedora), 8 (Debian GNU/Linux), 10 (Debian GNU/Linux), 31 (Fedora), до 1.3.0-3 (libvpx), до 16.01.2023 (ОС ОН «Стрелец»)

Possible Mitigations

Использование рекомендаций: Для Libvpx: Обновление программного обеспечения до 1.8.2-1 или более поздней версии Для Debian GNU/Linux: Обновление программного обеспечения (пакета libvpx) до 1.6.1-3+deb9u2 или более поздней версии Для программных продуктов Novell Inc.: https://lists.opensuse.org/opensuse-security-announce/2020-01/msg00049.html Для программных продуктов Red Hat Inc.: https://access.redhat.com/security/cve/CVE-2019-9371 Для Fedora: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DQSTK442ATWJOR4TU3MR6C3N5A6NDFFN/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U2IIA3RSYABBUCFIHXIRVUT5CTJVWWZ6/ Для Ubuntu: https://usn.ubuntu.com/4199-1/ Для ОС ОН «Стрелец»: Обновление программного обеспечения libvpx до версии 1.7.0-3+deb10u1.strelets1

Reference

https://lists.opensuse.org/opensuse-security-announce/2020-01/msg00049.html https://access.redhat.com/security/cve/CVE-2019-9371 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DQSTK442ATWJOR4TU3MR6C3N5A6NDFFN/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U2IIA3RSYABBUCFIHXIRVUT5CTJVWWZ6/ https://usn.ubuntu.com/4199-1/ https://source.android.com/security/bulletin/android-10 https://source.android.com/security/bulletin/android-10 https://nvd.nist.gov/vuln/detail/CVE-2019-9371 https://security-tracker.debian.org/tracker/CVE-2019-9371 https://strelets.net/patchi-i-obnovleniya-bezopasnosti#16012023

CWE

CWE-20

JSON

To clipboard

{
  "CVSS 2.0": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
  "CVSS 3.0": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Canonical Ltd., \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f, Red Hat Inc., Novell Inc., Fedora Project, The WebM Project, \u0410\u041e \u00ab\u041a\u043e\u043d\u0446\u0435\u0440\u043d \u0412\u041d\u0418\u0418\u041d\u0421\u00bb",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "16.04 LTS (Ubuntu), 9 (Debian GNU/Linux), 18.04 LTS (Ubuntu), 19.04 (Ubuntu), 8 (Red Hat Enterprise Linux), 15.1 (OpenSUSE Leap), 30 (Fedora), 8 (Debian GNU/Linux), 10 (Debian GNU/Linux), 31 (Fedora), \u0434\u043e 1.3.0-3 (libvpx), \u0434\u043e 16.01.2023 (\u041e\u0421 \u041e\u041d \u00ab\u0421\u0442\u0440\u0435\u043b\u0435\u0446\u00bb)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\n\u0414\u043b\u044f Libvpx:\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0434\u043e 1.8.2-1 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438\n\n\u0414\u043b\u044f Debian GNU/Linux:\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f (\u043f\u0430\u043a\u0435\u0442\u0430 libvpx) \u0434\u043e 1.6.1-3+deb9u2 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Novell Inc.:\nhttps://lists.opensuse.org/opensuse-security-announce/2020-01/msg00049.html\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Red Hat Inc.:\nhttps://access.redhat.com/security/cve/CVE-2019-9371\n\n\u0414\u043b\u044f Fedora:\nhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DQSTK442ATWJOR4TU3MR6C3N5A6NDFFN/\nhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U2IIA3RSYABBUCFIHXIRVUT5CTJVWWZ6/\n\n\u0414\u043b\u044f Ubuntu:\nhttps://usn.ubuntu.com/4199-1/\n\n\u0414\u043b\u044f \u041e\u0421 \u041e\u041d \u00ab\u0421\u0442\u0440\u0435\u043b\u0435\u0446\u00bb:\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f libvpx \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 1.7.0-3+deb10u1.strelets1",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "27.09.2019",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "21.11.2023",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "13.05.2020",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2020-02042",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2019-9371",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Ubuntu, Debian GNU/Linux, Red Hat Enterprise Linux, OpenSUSE Leap, Fedora, libvpx, \u041e\u0421 \u041e\u041d \u00ab\u0421\u0442\u0440\u0435\u043b\u0435\u0446\u00bb (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21166177)",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "Canonical Ltd. Ubuntu 16.04 LTS , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 9 , Canonical Ltd. Ubuntu 18.04 LTS , Canonical Ltd. Ubuntu 19.04 , Red Hat Inc. Red Hat Enterprise Linux 8 , Novell Inc. OpenSUSE Leap 15.1 , Fedora Project Fedora 30 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 8 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 10 , Fedora Project Fedora 31 , \u0410\u041e \u00ab\u041a\u043e\u043d\u0446\u0435\u0440\u043d \u0412\u041d\u0418\u0418\u041d\u0421\u00bb \u041e\u0421 \u041e\u041d \u00ab\u0421\u0442\u0440\u0435\u043b\u0435\u0446\u00bb \u0434\u043e 16.01.2023  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21166177)",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0438 \u043c\u0443\u043b\u044c\u0442\u0438\u043c\u0435\u0434\u0438\u0430 libvpx, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u043e\u0439 \u0432\u0432\u043e\u0434\u0438\u043c\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u0430\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0430 \u0432\u0432\u043e\u0434\u0438\u043c\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 (CWE-20)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0438 \u043c\u0443\u043b\u044c\u0442\u0438\u043c\u0435\u0434\u0438\u0430 libvpx \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u043e\u0439 \u0432\u0432\u043e\u0434\u0438\u043c\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c\u0438",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://lists.opensuse.org/opensuse-security-announce/2020-01/msg00049.html\nhttps://access.redhat.com/security/cve/CVE-2019-9371\nhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DQSTK442ATWJOR4TU3MR6C3N5A6NDFFN/\nhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U2IIA3RSYABBUCFIHXIRVUT5CTJVWWZ6/\nhttps://usn.ubuntu.com/4199-1/\nhttps://source.android.com/security/bulletin/android-10\nhttps://source.android.com/security/bulletin/android-10\nhttps://nvd.nist.gov/vuln/detail/CVE-2019-9371\nhttps://security-tracker.debian.org/tracker/CVE-2019-9371\nhttps://strelets.net/patchi-i-obnovleniya-bezopasnosti#16012023",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-20",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,1)\n\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 6,5)"
}

GHSA-9VPR-VRHC-8W49

Vulnerability from github – Published: 2022-05-24 22:00 – Updated: 2022-10-14 12:00

Details

Severity ?

6.5 (Medium)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2019-9371"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-20"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-09-27T19:15:00Z",
    "severity": "HIGH"
  },
  "details": "In libvpx, there is a possible resource exhaustion due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-132783254",
  "id": "GHSA-9vpr-vrhc-8w49",
  "modified": "2022-10-14T12:00:20Z",
  "published": "2022-05-24T22:00:52Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9371"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DQSTK442ATWJOR4TU3MR6C3N5A6NDFFN"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U2IIA3RSYABBUCFIHXIRVUT5CTJVWWZ6"
    },
    {
      "type": "WEB",
      "url": "https://seclists.org/bugtraq/2019/Nov/43"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/202003-59"
    },
    {
      "type": "WEB",
      "url": "https://source.android.com/security/bulletin/android-10"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/4199-1"
    },
    {
      "type": "WEB",
      "url": "https://www.debian.org/security/2019/dsa-4578"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00049.html"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2019/10/25/17"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2019/10/27/1"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2019/11/07/1"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GSD-2019-9371

Vulnerability from gsd - Updated: 2023-12-13 01:23

Details

Aliases

CVE-2019-9371

Aliases

CVE-2019-9371

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2019-9371",
    "description": "In libvpx, there is a possible resource exhaustion due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-132783254",
    "id": "GSD-2019-9371",
    "references": [
      "https://www.suse.com/security/cve/CVE-2019-9371.html",
      "https://www.debian.org/security/2019/dsa-4578",
      "https://access.redhat.com/errata/RHSA-2020:4629",
      "https://ubuntu.com/security/CVE-2019-9371",
      "https://advisories.mageia.org/CVE-2019-9371.html",
      "https://linux.oracle.com/cve/CVE-2019-9371.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2019-9371"
      ],
      "details": "In libvpx, there is a possible resource exhaustion due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-132783254",
      "id": "GSD-2019-9371",
      "modified": "2023-12-13T01:23:47.434960Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security@android.com",
        "ID": "CVE-2019-9371",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Android",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "Android-10"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "In libvpx, there is a possible resource exhaustion due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-132783254"
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "Denial of service"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://source.android.com/security/bulletin/android-10",
            "refsource": "MISC",
            "url": "https://source.android.com/security/bulletin/android-10"
          },
          {
            "name": "[oss-security] 20191025 Security fixes from Android 10 release which are relevant outside the Android ecosystem?",
            "refsource": "MLIST",
            "url": "http://www.openwall.com/lists/oss-security/2019/10/25/17"
          },
          {
            "name": "[oss-security] 20191026 Re: Security fixes from Android 10 release which are relevant outside the Android ecosystem?",
            "refsource": "MLIST",
            "url": "http://www.openwall.com/lists/oss-security/2019/10/27/1"
          },
          {
            "name": "[oss-security] 20191107 Re: Security fixes from Android 10 release which are relevant outside the Android ecosystem?",
            "refsource": "MLIST",
            "url": "http://www.openwall.com/lists/oss-security/2019/11/07/1"
          },
          {
            "name": "USN-4199-1",
            "refsource": "UBUNTU",
            "url": "https://usn.ubuntu.com/4199-1/"
          },
          {
            "name": "20191128 [SECURITY] [DSA 4578-1] libvpx security update",
            "refsource": "BUGTRAQ",
            "url": "https://seclists.org/bugtraq/2019/Nov/43"
          },
          {
            "name": "DSA-4578",
            "refsource": "DEBIAN",
            "url": "https://www.debian.org/security/2019/dsa-4578"
          },
          {
            "name": "FEDORA-2020-65eac1b48b",
            "refsource": "FEDORA",
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U2IIA3RSYABBUCFIHXIRVUT5CTJVWWZ6/"
          },
          {
            "name": "FEDORA-2020-6cd410d9e4",
            "refsource": "FEDORA",
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DQSTK442ATWJOR4TU3MR6C3N5A6NDFFN/"
          },
          {
            "name": "openSUSE-SU-2020:0105",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00049.html"
          },
          {
            "name": "GLSA-202003-59",
            "refsource": "GENTOO",
            "url": "https://security.gentoo.org/glsa/202003-59"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "security@android.com",
          "ID": "CVE-2019-9371"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "In libvpx, there is a possible resource exhaustion due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-132783254"
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-20"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://source.android.com/security/bulletin/android-10",
              "refsource": "MISC",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://source.android.com/security/bulletin/android-10"
            },
            {
              "name": "[oss-security] 20191025 Security fixes from Android 10 release which are relevant outside the Android ecosystem?",
              "refsource": "MLIST",
              "tags": [
                "Mailing List"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2019/10/25/17"
            },
            {
              "name": "[oss-security] 20191026 Re: Security fixes from Android 10 release which are relevant outside the Android ecosystem?",
              "refsource": "MLIST",
              "tags": [
                "Mailing List"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2019/10/27/1"
            },
            {
              "name": "[oss-security] 20191107 Re: Security fixes from Android 10 release which are relevant outside the Android ecosystem?",
              "refsource": "MLIST",
              "tags": [
                "Mailing List"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2019/11/07/1"
            },
            {
              "name": "USN-4199-1",
              "refsource": "UBUNTU",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://usn.ubuntu.com/4199-1/"
            },
            {
              "name": "20191128 [SECURITY] [DSA 4578-1] libvpx security update",
              "refsource": "BUGTRAQ",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://seclists.org/bugtraq/2019/Nov/43"
            },
            {
              "name": "DSA-4578",
              "refsource": "DEBIAN",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://www.debian.org/security/2019/dsa-4578"
            },
            {
              "name": "FEDORA-2020-65eac1b48b",
              "refsource": "FEDORA",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U2IIA3RSYABBUCFIHXIRVUT5CTJVWWZ6/"
            },
            {
              "name": "FEDORA-2020-6cd410d9e4",
              "refsource": "FEDORA",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DQSTK442ATWJOR4TU3MR6C3N5A6NDFFN/"
            },
            {
              "name": "openSUSE-SU-2020:0105",
              "refsource": "SUSE",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00049.html"
            },
            {
              "name": "GLSA-202003-59",
              "refsource": "GENTOO",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://security.gentoo.org/glsa/202003-59"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.1,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 6.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": true
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 2.8,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2022-10-14T02:07Z",
      "publishedDate": "2019-09-27T19:15Z"
    }
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2019-9371 (GCVE-0-2019-9371)

CERTFR-2019-AVI-405

Solution

CVE-2019-9371

Vulnerability from osv_almalinux

CNVD-2019-40055

FKIE_CVE-2019-9371

CVE-2019-9371

GHSA-9VPR-VRHC-8W49

GSD-2019-9371

Tags

Sightings

Nomenclature