libde265

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description Open h.265 video codec implementation
Version 1.0.15-3 [extra]

Resolved

Group Affected Fixed Severity Status Ticket
AVG-2396 1.0.8-1 1.0.10-1 Medium Fixed
Issue Group Severity Remote Type Description
CVE-2020-21606 AVG-2396 Medium Yes Arbitrary code execution
libde265 v1.0.4 contains a heap buffer overflow fault in the put_epel_16_fallback function, which can be exploited via a crafted a file.
CVE-2020-21605 AVG-2396 Low Yes Denial of service
libde265 v1.0.4 contains a segmentation fault in the apply_sao_internal function, which can be exploited via a crafted a file.
CVE-2020-21604 AVG-2396 Medium Yes Arbitrary code execution
libde265 v1.0.4 contains a heap buffer overflow fault in the _mm_loadl_epi64 function, which can be exploited via a crafted a file.
CVE-2020-21603 AVG-2396 Medium Yes Arbitrary code execution
libde265 v1.0.4 contains a heap buffer overflow in the put_qpel_0_0_fallback_16 function, which can be exploited via a crafted a file.
CVE-2020-21602 AVG-2396 Medium Yes Arbitrary code execution
libde265 v1.0.4 contains a heap buffer overflow in the put_weighted_bipred_16_fallback function, which can be exploited via a crafted a file.
CVE-2020-21601 AVG-2396 Medium Yes Arbitrary code execution
libde265 v1.0.4 contains a stack buffer overflow in the put_qpel_fallback function, which can be exploited via a crafted a file.
CVE-2020-21600 AVG-2396 Medium Yes Arbitrary code execution
libde265 v1.0.4 contains a heap buffer overflow in the put_weighted_pred_avg_16_fallback function, which can be exploited via a crafted a file.
CVE-2020-21599 AVG-2396 Medium Yes Arbitrary code execution
libde265 v1.0.4 contains a heap buffer overflow in the de265_image::available_zscan function, which can be exploited via a crafted a file.
CVE-2020-21598 AVG-2396 Medium Yes Arbitrary code execution
libde265 v1.0.4 contains a heap buffer overflow in the ff_hevc_put_unweighted_pred_8_sse function, which can be exploited via a crafted a file.
CVE-2020-21597 AVG-2396 Medium Yes Arbitrary code execution
libde265 v1.0.4 contains a heap buffer overflow in the mc_chroma function, which can be exploited via a crafted a file.
CVE-2020-21596 AVG-2396 Medium Yes Arbitrary code execution
libde265 v1.0.4 contains a global buffer overflow in the decode_CABAC_bit function, which can be exploited via a crafted a file.
CVE-2020-21595 AVG-2396 Medium Yes Arbitrary code execution
libde265 v1.0.4 contains a heap buffer overflow in the mc_luma function, which can be exploited via a crafted a file.
CVE-2020-21594 AVG-2396 Medium Yes Arbitrary code execution
libde265 v1.0.4 contains a heap buffer overflow in the put_epel_hv_fallback function, which can be exploited via a crafted a file.