Lucene search
Ubuntu.comUB:CVE-2024-38949HistoryJun 26, 2024 - 12:00 a.m.
CVE-2024-38949
2024-06-2600:00:00
ubuntu.com
ubuntu.com
3
heap buffer overflow
libde265
crafted payload
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
AI Score
6.5
Confidence
Low
Heap Buffer Overflow vulnerability in Libde265 v1.0.15 allows attackers to
crash the application via crafted payload to display444as420 function at
sdl.cc
Bugs
- <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1074416>
- <https://github.com/strukturag/libde265/issues/460>
Notes
| Author | Note |
|---|---|
| mdeslaur | as of 2024-07-05, there is no fix available from libde265 developers |
Related
cve
cve
CVE-2024-38949
2024-06-26 20:15:16
veracode
veracode
Heap Buffer Overflow
2024-06-27 12:01:13
osv
osv
UBUNTU-CVE-2024-38949
2024-06-26 20:15:00
CVE-2024-38949
2024-06-26 20:15:16
vulnrichment
vulnrichment
CVE-2024-38949
2024-06-26 00:00:00
nvd
nvd
CVE-2024-38949
2024-06-26 20:15:16
debiancve
debiancve
CVE-2024-38949
2024-06-26 20:15:16
cvelist
cvelist
CVE-2024-38949
2024-06-26 00:00:00
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
AI Score
6.5
Confidence
Low
Related for UB:CVE-2024-38949