← Back

CVE-2023-49468

nvd nist
Published: Dec 7, 2023Modified: Nov 21, 2024

JSON object

Loading...
8.8
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Exploitability: 2.8 / Impact: 5.9
Source: NVD

Description

Libde265 v1.0.14 was discovered to contain a global buffer overflow vulnerability in the read_coding_unit function at slice.cc.

Affected (1)

Products: Struktur: Libde265
Struktur
1 product
Libde265
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Libde265
Version 1.0.14

Related CWEs

CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.
CWE-787
Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.

References (4)

Source: cve@mitre.org
ExploitIssue TrackingPatch
Source: cve@mitre.org
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitIssue TrackingPatch
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.