CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 1CVE-2023-43887
https://notcve.org/view.php?id=CVE-2023-43887
Libde265 v1.0.12 was discovered to contain multiple buffer overflows via the num_tile_columns and num_tile_row parameters in the function pic_parameter_set::dump. Se descubrió que Libde265 v1.0.12 contenía múltiples desbordamientos del búfer a través de los parámetros num_tile_columns y num_tile_row en la función pic_parameter_set::dump. • https://github.com/strukturag/libde265/commit/63b596c915977f038eafd7647d1db25488a8c133 https://github.com/strukturag/libde265/issues/418 https://lists.debian.org/debian-lts-announce/2023/11/msg00032.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-47471
https://notcve.org/view.php?id=CVE-2023-47471
Buffer Overflow vulnerability in strukturag libde265 v1.10.12 allows a local attacker to cause a denial of service via the slice_segment_header function in the slice.cc component. Vulnerabilidad de desbordamiento del búfer en strukturag libde265 v1.10.12 permite que un atacante local provoque una denegación de servicio a través de la función slice_segment_header en el componente slice.cc. • https://github.com/strukturag/libde265/commit/e36b4a1b0bafa53df47514c419d5be3e8916ebc7 https://github.com/strukturag/libde265/issues/426 https://lists.debian.org/debian-lts-announce/2023/11/msg00032.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •