Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2024-38949HistoryJun 26, 2024 - 8:15 p.m.
CVE-2024-38949
2024-06-2620:15:16
Debian Security Bug Tracker
security-tracker.debian.org
2
cve-2024-38949
heap buffer overflow
libde265
attackers
crafted payload
display444as420 function
sdl.cc
unix
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
AI Score
7
Confidence
Low
EPSS
0
Percentile
9.1%
Heap Buffer Overflow vulnerability in Libde265 v1.0.15 allows attackers to crash the application via crafted payload to display444as420 function at sdl.cc
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | libde265 | <= 1.0.11-1+deb12u2 | libde265_1.0.11-1+deb12u2_all.deb |
| Debian | 11 | all | libde265 | <= 1.0.11-0+deb11u3 | libde265_1.0.11-0+deb11u3_all.deb |
| Debian | 999 | all | libde265 | <= 1.0.15-1 | libde265_1.0.15-1_all.deb |
| Debian | 13 | all | libde265 | <= 1.0.15-1 | libde265_1.0.15-1_all.deb |
Related
ubuntucve
ubuntucve
CVE-2024-38949
2024-06-26 00:00:00
cve
cve
CVE-2024-38949
2024-06-26 20:15:16
veracode
veracode
Heap Buffer Overflow
2024-06-27 12:01:13
osv
osv
UBUNTU-CVE-2024-38949
2024-06-26 20:15:00
CVE-2024-38949
2024-06-26 20:15:16
vulnrichment
vulnrichment
CVE-2024-38949
2024-06-26 00:00:00
nvd
nvd
CVE-2024-38949
2024-06-26 20:15:16
cvelist
cvelist
CVE-2024-38949
2024-06-26 00:00:00
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
AI Score
7
Confidence
Low
EPSS
0
Percentile
9.1%
Related for DEBIANCVE:CVE-2024-38949