What is the severity of CVE-2020-36130?

The severity of CVE-2020-36130 is medium with a CVSS score of 6.5.

How does CVE-2020-36130 affect AOM v2.0.1?

CVE-2020-36130 affects AOM v2.0.1 by causing a NULL pointer dereference in the av1/av1_dx_iface.c component.

Which software versions are affected by CVE-2020-36130?

CVE-2020-36130 affects AOM v2.0.1, Debian's aom version 1.0.0-3+deb10u1, 1.0.0.errata1-3+deb11u1, 3.6.0-1, and 3.7.0-1, as well as Ubuntu's aom version 3.2.0-1 and aom version 1.0.0.* with qualifier 'focal'.

How can I fix the vulnerability CVE-2020-36130 in AOM v2.0.1?

To fix CVE-2020-36130 in AOM v2.0.1, update to a newer version of AOM that does not contain the NULL pointer dereference vulnerability.

Where can I find more information about CVE-2020-36130?

You can find more information about CVE-2020-36130 in the references provided: [here](https://bugs.chromium.org/p/aomedia/issues/detail?id=2905&q=&can=1), [here](https://lists.debian.org/debian-lts-announce/2023/09/msg00003.html), and [here](https://www.debian.org/security/2023/dsa-5490).

Vulnerability/
CVE-2020-36130

medium

6.5

CWE

476

2/12/2021

31/1/2024

CVE-2020-36130: Null Pointer Dereference

First published: Thu Dec 02 2021(Updated: )

AOM v2.0.1 was discovered to contain a NULL pointer dereference via the component av1/av1_dx_iface.c.

Credit: cve@mitre.org cve@mitre.org cve@mitre.org

Affected Software	Affected Version	How to fix
Aomedia Aomedia	=2.0.1
ubuntu/aom	<3.2.0-1	3.2.0-1
ubuntu/aom	<1.0.0.	1.0.0.
debian/aom	<=1.0.0-3	1.0.0-3+deb10u1 1.0.0.errata1-3+deb11u1 3.6.0-1 3.8.2-2

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

USN-6447-1

Frequently Asked Questions

What is the severity of CVE-2020-36130?
The severity of CVE-2020-36130 is medium with a CVSS score of 6.5.
How does CVE-2020-36130 affect AOM v2.0.1?
CVE-2020-36130 affects AOM v2.0.1 by causing a NULL pointer dereference in the av1/av1_dx_iface.c component.
Which software versions are affected by CVE-2020-36130?
CVE-2020-36130 affects AOM v2.0.1, Debian's aom version 1.0.0-3+deb10u1, 1.0.0.errata1-3+deb11u1, 3.6.0-1, and 3.7.0-1, as well as Ubuntu's aom version 3.2.0-1 and aom version 1.0.0.* with qualifier 'focal'.
How can I fix the vulnerability CVE-2020-36130 in AOM v2.0.1?
To fix CVE-2020-36130 in AOM v2.0.1, update to a newer version of AOM that does not contain the NULL pointer dereference vulnerability.
Where can I find more information about CVE-2020-36130?
You can find more information about CVE-2020-36130 in the references provided: [here](https://bugs.chromium.org/p/aomedia/issues/detail?id=2905&q=&can=1), [here](https://lists.debian.org/debian-lts-announce/2023/09/msg00003.html), and [here](https://www.debian.org/security/2023/dsa-5490).

collector/nvd-index
agent/type
agent/first-publish-date
agent/author
agent/severity
agent/description
collector/mitre-cve
source/MITRE
agent/weakness
agent/references
collector/nvd-api
source/NVD
agent/software-canonical-lookup
agent/last-modified-date
agent/tags
collector/nvd-cve
collector/launchpad-cve
source/Launchpad
agent/event
collector/security-tracker-debian
source/Debian
agent/softwarecombine
collector/usn-cve
source/Ubuntu
vendor/aomedia
canonical/aomedia aomedia
version/aomedia aomedia/2.0.1
package-manager/debian
package-manager/ubuntu