libde265 is an open source implementation of the h.265 video codec. libde265 version 1.0.4 has a heap buffer overflow vulnerability in the put_weighted_bipred_16_fallback function. An attacker can exploit the vulnerability to cause a denial of service via specially crafted files.