Security
Security
A vulnerability has been discovered in libvpx, which could lead to execution of arbitrary code.
| Package | media-libs/libvpx on all architectures |
|---|---|
| Affected versions | < 1.15.2 |
| Unaffected versions | >= 1.15.2 |
libvpx is the VP8 codec SDK used to encode and decode video streams, typically within a WebM format media file.
A vulnerability has been discovered in libvpx. Please review the CVE identifier referenced below for details.
Please review the referenced CVE identifier for details.
There is no known workaround at this time.
All libvpx users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=media-libs/libvpx-1.15.2"
Release date
September 17, 2025
Latest revision
September 17, 2025: 1
Severity
high
Exploitable
remote
Bugzilla entries