EPSS
Percentile
28.1%
libde265.so is vulnerable to use-after-free. The vulnerability is possible because of a flaw in the server code of the file intrapred.h when decoding the file using dec265., leading to heap use-after-free.
intrapred.h
github.com/strukturag/libde265/issues/299
lists.debian.org/debian-lts-announce/2022/12/msg00027.html
www.debian.org/security/2023/dsa-5346