PT-2026-39706 — Julia Libvpx Jll

PT-2026-39706 · Julia · Libvpx Jll

Published

2026-05-01

Updated

2026-05-01

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.

There exists interger overflows in libvpx in versions prior to 1.14.1. Calling vpx img alloc() with a large value of the d w, d h, or align parameter may result in integer overflows in the calculations of buffer sizes and offsets and some fields of the returned vpx image t struct may be invalid. Calling vpx img wrap() with a large value of the d w, d h, or stride align parameter may result in integer overflows in the calculations of buffer sizes and offsets and some fields of the returned vpx image t struct may be invalid. We recommend upgrading to version 1.14.1 or beyond

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

JLSEC-2026-377

Affected Products

Libvpx Jll