Vulnerability Description
Heap-based Buffer Overflow in GitHub repository strukturag/libde265 prior to and including 1.0.8. The fix is established in commit 8e89fe0e175d2870c39486fdd09250b230ec10b8 but does not yet belong to an official release.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Struktur | Libde265 | <= 1.0.8 |
Related Weaknesses (CWE)
References
- https://github.com/strukturag/libde265/commit/8e89fe0e175d2870c39486fdd09250b230PatchThird Party Advisory
- https://huntr.dev/bounties/1-other-strukturag/libde265ExploitIssue TrackingPatch
- https://www.debian.org/security/2023/dsa-5346
- https://github.com/strukturag/libde265/commit/8e89fe0e175d2870c39486fdd09250b230PatchThird Party Advisory
- https://huntr.dev/bounties/1-other-strukturag/libde265ExploitIssue TrackingPatch
- https://www.debian.org/security/2023/dsa-5346
FAQ
What is CVE-2022-1253?
CVE-2022-1253 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Heap-based Buffer Overflow in GitHub repository strukturag/libde265 prior to and including 1.0.8. The fix is established in commit 8e89fe0e175d2870c39486fdd09250b230ec10b8 but does not yet belong to a...
How severe is CVE-2022-1253?
CVE-2022-1253 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2022-1253?
Check the references section above for vendor advisories and patch information. Affected products include: Struktur Libde265.