Libass Project / Libass

6 matches found

CVE
added 2021/07/20 6:47 a.m. | 181 views

CVE-2020-36430

CVE-2020-36430 refers to a heap-based buffer overflow in libass 0.15.x, fixed in 0.15.1. The vulnerability occurs in decode_chars (used by decode_font and process_text) due to the wrong integer type used for subtraction, enabling an out-of-bounds write. Impact observed in multiple bundles: openSU...

CVSS 7.8 | AI score 7.6 | EPSS 0.01075

CVE
added 2021/03/23 7:32 p.m. | 154 views

CVE-2020-24994

CVE-2020-24994 is a stack overflow in libass/ass_parse.c parse_tag() affecting libass before 0.15.0. A crafted file can trigger denial of service or remote code execution. Multiple advisories reference fixes (e.g., openSUSE openSUSE-SU-2021:1664-1, Ubuntu USN-4797-1, OSV vulnerability page) with ...

CVSS 8.8 | AI score 8.6 | EPSS 0.02628

CVE
added 2020/10/16 1:19 p.m. | 127 views

CVE-2020-26682

CVE-2020-26682 affects libass 0.14.0, where the call to outline_stroke inside ass_outline_construct can trigger a signed integer overflow. This vulnerability may cause a crash or, per multiple advisories, could enable arbitrary code execution under certain conditions. Several connected sources no...

CVSS 8.8 | AI score 8.4 | EPSS 0.01789

CVE
added 2017/03/03 4:0 p.m. | 83 views

CVE-2016-7970

CVE-2016-7970 affects libass before 0.13.4; a buffer overflow in calc_coeff (libass/ass_blur.c) allows remote denial of service. Documented fixes upgrade LibASS to 0.13.4 (and related advisories). Practical impact: remote attacker could cause DoS via unspecified vectors. Remediation: update to li...

CVSS 7.5 | AI score 7.3 | EPSS 0.04747

CVE
added 2017/03/03 4:0 p.m. | 83 views

CVE-2016-7972

CVE-2016-7972 affects libass prior to 0.13.4. The vulnerability is in check_allocations (libass/ass_shaper.c) and can allow a remote attacker to cause a denial of service via a memory allocation failure. Remediation: upgrade to libass 0.13.4 or later (per multiple advisories: Gentoo GLSA-201702-2...

CVSS 7.5 | AI score 7.1 | EPSS 0.05229

CVE
added 2017/03/03 4:0 p.m. | 78 views

CVE-2016-7969

Summary of CVE-2016-7969: The vulnerability affects libass prior to version 0.13.4, specifically the wrap_lines_smart function in ass_render.c. A remote attacker could trigger an out-of-bounds read, leading to a denial of service. The issue is documented across multiple advisories and OS feeds. ...

CVSS 7.5 | AI score 7.2 | EPSS 0.04261