CVE-2023-43887

Name
CVE-2023-43887
Description
Libde265 v1.0.12 was discovered to contain multiple buffer overflows via the num_tile_columns and num_tile_row parameters in the function pic_parameter_set::dump.
NVD Severity
unknown
Other trackers
Mailing lists
Exploits
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
https://github.com/strukturag/libde265/issues/418
https://github.com/strukturag/libde265/commit/63b596c915977f038eafd7647d1db25488a8c133
cve@mitre.org https://lists.debian.org/debian-lts-announce/2023/11/msg00032.html

Match rules

CPE URI Source package Min version Max version
cpe:2.3:a:struktur:libde265:1.0.12:*:*:*:*:*:*:* libde265 == None == 1.0.12

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
libde265 3.15-main 1.0.12-r0 Jakub Jirutka <jakub@jirutka.cz> possibly vulnerable