CVE-2019-9746

NONE EPSS 73.5%
Published Mar 13, 20197y ago · Modified Jun 17, 20262w ago
Find Similar
Published Mar 13, 2019 7y ago
Last Modified Jun 17, 2026 2w ago

Description

In libwebm before 2019-03-08, a NULL pointer dereference caused by the functions OutputCluster and OutputTracks in webm_info.cc will trigger an abort, which allows a DoS attack, a similar issue to CVE-2018-19212.

Threat Intelligence

EPSS Exploit Probability
73.5% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-476 NULL Pointer Dereference Memory Safety

Affected Products 1

VendorProductVersionRange
webmprojectlibwebm* ≤1.0.0.27

References 2

  • bugs.chromium.org https://bugs.chromium.org/p/webm/issues/detail?id=1605
    Permissions RequiredThird Party Advisory
  • chromium.googlesource.com https://chromium.googlesource.com/webm/libwebm/+/2427abe0bde234987ed005a3adca461e9a85dfb7
    Mailing ListPatchThird Party Advisory

Remediation

  • chromium.googlesource.com https://chromium.googlesource.com/webm/libwebm/+/2427abe0bde234987ed005a3adca461e9a85dfb7
    Mailing ListPatchThird Party Advisory