EPSS
Percentile
47.9%
libde265.so is vulnerable to denial of service. The vulnerability exists due to a heap-based buffer overflow in the mc_chroma function of motion.cc which allows an attacker to cause an application crash.
mc_chroma
motion.cc
github.com/advisories/GHSA-9r55-49v3-j343
github.com/strukturag/libde265/blob/master/libde265/motion.cc#L174
github.com/strukturag/libde265/issues/341
lists.debian.org/debian-lts-announce/2023/01/msg00020.html
www.debian.org/security/2023/dsa-5346