Lucene search

Libass Security Vulnerabilities

cve

CVE-2020-36430

libass 0.15.x before 0.15.1 has a heap-based buffer overflow in decode_chars (called from decode_font and process_text) because the wrong integer data type is used for...

7.8CVSS

7.7AI Score

0.001EPSS

2021-07-20 07:15 AM

143

cve

CVE-2020-24994

Stack overflow in the parse_tag function in libass/ass_parse.c in libass before 0.15.0 allows remote attackers to cause a denial of service or remote code execution via a crafted...

8.8CVSS

8.7AI Score

0.011EPSS

2021-03-23 08:15 PM

125

cve

CVE-2020-26682

In libass 0.14.0, the ass_outline_construct's call to outline_stroke causes a signed integer...

8.8CVSS

8.5AI Score

0.003EPSS

2020-10-16 02:15 PM

101

cve

CVE-2016-7970

Buffer overflow in the calc_coeff function in libass/ass_blur.c in libass before 0.13.4 allows remote attackers to cause a denial of service via unspecified...

7.5CVSS

7.3AI Score

0.023EPSS

2017-03-03 04:59 PM

cve

CVE-2016-7972

The check_allocations function in libass/ass_shaper.c in libass before 0.13.4 allows remote attackers to cause a denial of service (memory allocation failure) via unspecified...

7.5CVSS

7.1AI Score

0.018EPSS

2017-03-03 04:59 PM

cve

CVE-2016-7969

The wrap_lines_smart function in ass_render.c in libass before 0.13.4 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors, related to "0/3 line wrapping...

7.5CVSS

7.2AI Score

0.015EPSS

2017-03-03 04:59 PM