Libde265 v1.0.12 was discovered to contain multiple buffer overflows via the num_tile_columns and num_tile_row parameters in the function pic_parameter_set::dump.
References
Link | Resource |
---|---|
https://github.com/strukturag/libde265/commit/63b596c915977f038eafd7647d1db25488a8c133 | Patch |
https://github.com/strukturag/libde265/issues/418 | Exploit Issue Tracking Patch |
https://lists.debian.org/debian-lts-announce/2023/11/msg00032.html |
Configurations
History
30 Nov 2023, 19:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
30 Nov 2023, 05:43
Type | Values Removed | Values Added |
---|---|---|
References | () https://github.com/strukturag/libde265/issues/418 - Exploit, Issue Tracking, Patch | |
References | () https://github.com/strukturag/libde265/commit/63b596c915977f038eafd7647d1db25488a8c133 - Patch | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 8.1 |
CWE | CWE-120 | |
CPE | cpe:2.3:a:struktur:libde265:1.0.12:*:*:*:*:*:*:* | |
First Time |
Struktur
Struktur libde265 |
22 Nov 2023, 18:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-11-22 18:15
Updated : 2024-02-28 20:54
NVD link : CVE-2023-43887
Mitre link : CVE-2023-43887
CVE.ORG link : CVE-2023-43887
JSON object : View
Products Affected
struktur
- libde265
CWE
CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')