Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntuUbuntuUSN-6627-1
HistoryFeb 08, 2024 - 12:00 a.m.

libde265 vulnerabilities

2024-02-0800:00:00
ubuntu.com
7
ubuntu 22.04 lts
ubuntu 20.04 lts
ubuntu 18.04 esm
ubuntu 16.04 esm
libde265
h.265 video codec
denial of service
memory management
logical error
out of bounds
arbitrary code execution
cve-2021-35452
cve-2021-36411
cve-2022-43238
cve-2022-43241
cve-2022-43242
cve-2021-36408
cve-2021-36409
cve-2021-36410
cve-2022-43235
cve-2022-43236
cve-2022-43237
cve-2022-43239
cve-2022-43240
cve-2022-43243
cve-2022-43248
cve-2022-43252
cve-2022-43253

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.7 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

61.6%

JSON

Releases

  • Ubuntu 22.04 LTS
  • Ubuntu 20.04 LTS
  • Ubuntu 18.04 ESM
  • Ubuntu 16.04 ESM

Packages

  • libde265 - Open H.265 video codec implementation

Details

It was discovered that libde265 could be made to read out of bounds. If a
user or automated system were tricked into opening a specially crafted
file, an attacker could possibly use this issue to cause a denial of
service. (CVE-2021-35452, CVE-2021-36411, CVE-2022-43238, CVE-2022-43241,
CVE-2022-43242)

It was discovered that libde265 did not properly manage memory. If a user
or automated system were tricked into opening a specially crafted file, an
attacker could possibly use this issue to cause a denial of service or
execute arbitrary code. This issue only affected Ubuntu 22.04 LTS.
(CVE-2021-36408)

It was discovered that libde265 contained a logical error. If a user
or automated system were tricked into opening a specially crafted file, an
attacker could possibly use this issue to cause a denial of service.
(CVE-2021-36409)

It was discovered that libde265 could be made to write out of bounds. If a
user or automated system were tricked into opening a specially crafted
file, an attacker could possibly use this issue to cause a denial of
service or execute arbitrary code. (CVE-2021-36410, CVE-2022-43235,
CVE-2022-43236, CVE-2022-43237, CVE-2022-43239, CVE-2022-43240,
CVE-2022-43243, CVE-2022-43248, CVE-2022-43252, CVE-2022-43253)

It was discovered that libde265 could be made to write out of bounds. If a
user or automated system were tricked into opening a specially crafted
file, an attacker could possibly use this issue to cause a denial of
service or execute arbitrary code. This issue only affected Ubuntu 22.04
LTS. (CVE-2022-1253)

Related

openvas 6
nessus 6
cloudfoundry 1
osv 23
debian 3
freebsd 1
mageia 1
veracode 18
prion 18
debiancve 18
alpinelinux 18
ubuntucve 18
cnvd 5
cve 18
huntr 1
ubuntu 1
avleonov 1
openvas
openvas
Ubuntu: Security Advisory (USN-6627-1)
2024-02-09 00:00:00
Debian: Security Advisory (DLA-3280-1)
2023-01-25 00:00:00
Mageia: Security Advisory (MGASA-2023-0093)
2023-03-28 00:00:00
nessus
nessus
Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS / 22.04 LTS : libde265 vulnerabilities (USN-6627-1)
2024-02-08 00:00:00
Debian DLA-3240-1 : libde265 - LTS security update
2022-12-16 00:00:00
Debian DLA-3280-1 : libde265 - LTS security update
2023-01-25 00:00:00
cloudfoundry
cloudfoundry
USN-6627-1: libde265 vulnerabilities | Cloud Foundry
2024-02-29 00:00:00
osv
osv
libde265 vulnerabilities
2024-02-08 13:48:22
libde265 - security update
2023-01-24 00:00:00
libde265 - security update
2023-02-10 00:00:00
debian
debian
[SECURITY] [DLA 3240-1] libde265 security update
2022-12-15 18:13:59
[SECURITY] [DLA 3280-1] libde265 security update
2023-01-24 22:20:48
[SECURITY] [DSA 5346-1] libde265 security update
2023-02-10 19:38:07
freebsd
freebsd
libde256 -- multiple vulnerabilities
2023-01-27 00:00:00
mageia
mageia
Updated libde265 packages fix security vulnerability
2023-03-19 01:16:28
veracode
veracode
Denial Of Service (DoS)
2022-11-03 07:45:12
Denial Of Service (DoS)
2022-01-12 03:41:57
Denial Of Service (DoS)
2022-11-03 06:10:25
prion
prion
Design/Logic Flaw
2022-01-10 23:15:00
Design/Logic Flaw
2022-11-02 14:15:00
Heap overflow
2022-11-02 14:15:00
debiancve
debiancve
CVE-2021-36409
2022-01-10 23:15:00
CVE-2021-36411
2022-01-10 23:15:00
CVE-2022-43241
2022-11-02 14:15:00
alpinelinux
alpinelinux
CVE-2022-43241
2022-11-02 14:15:00
CVE-2022-43237
2022-11-02 14:15:00
CVE-2022-43242
2022-11-02 14:15:00
ubuntucve
ubuntucve
CVE-2022-43252
2022-11-02 00:00:00
CVE-2022-43253
2022-11-02 00:00:00
CVE-2021-36411
2022-01-10 00:00:00
cnvd
cnvd
libde265 has an unspecified vulnerability
2022-01-13 00:00:00
libde265 Access Control Error Vulnerability
2022-01-13 00:00:00
libde265 buffer overflow vulnerability
2022-01-13 00:00:00
cve
cve
CVE-2022-43243
2022-11-02 14:15:00
CVE-2021-36409
2022-01-10 23:15:00
CVE-2021-36410
2022-01-10 23:15:00
huntr
huntr
Heap-based Buffer Overflow in strukturag/libde265
2021-05-13 02:22:15
ubuntu
ubuntu
libde265 vulnerabilities
2024-01-30 00:00:00
avleonov
avleonov
Scanvus now supports Vulners and Vulns.io VM Linux vulnerability detection APIs
2022-12-30 18:03:13

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.7 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

61.6%

JSON
Related for USN-6627-1
openvas6nessus6cloudfoundry1osv23debian3freebsd1mageia1veracode18prion18debiancve18alpinelinux18ubuntucve18cnvd5cve18huntr1ubuntu1avleonov1