Published: 16/09/2021 Updated: 11/02/2023

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8

VMScore: 384

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

libde265 v1.0.4 contains a heap buffer overflow in the put_weighted_bipred_16_fallback function, which can be exploited via a crafted a file.

Vulnerable Product	Search on Vulmon	Subscribe to Product
struktur libde265 1.0.4

Debian Bug report logs - #1004963 CVE-2020-21598 CVE-2020-21600 CVE-2020-21602 Package: src:libde265; Maintainer for src:libde265 is Debian Multimedia Maintainers <debian-multimedia@listsdebianorg>; Reported by: Moritz Muehlenhoff <jmm@debianorg> Date: Fri, 4 Feb 2022 12:18:02 UTC Severity: grave Tags: security, ...

Multiple security issues were discovered in libde265, an implementation of the H265 video codec which may result in denial of service and potentially the execution of arbitrary code if a malformed media file is processed For the stable distribution (bullseye), these problems have been fixed in version 1011-0+deb11u1 We recommend that you upgra ...

libde265 v104 contains a heap buffer overflow in the put_weighted_bipred_16_fallback function, which can be exploited via a crafted a file ...

CWE-787 https://github.com/strukturag/libde265/issues/242 https://cwe.mitre.org/data/definitions/122.html https://www.debian.org/security/2023/dsa-5346 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004963 https://nvd.nist.gov https://www.debian.org/security/2023/dsa-5346

CVE-2020-21602

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect