6.8 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
36.8%
Libde265 is vulnerable to heap-buffer-overflow. The vulnerability is due to the derive_spatial_luma_vector_prediction function in motion.cc which results in heap-buffer-overflow.
derive_spatial_luma_vector_prediction
motion.cc
github.com/advisories/GHSA-xxjf-hhmr-jhmq
github.com/strukturag/libde265/issues/435
lists.debian.org/debian-lts-announce/2023/12/msg00022.html