EPSS
Percentile
40.3%
libde265.so is vulnerable to denial of service. The vulnerability exists due to a segmentation violation in the apply_sao_internal function of sao.cc which allows a remote attacker to crash the application via a malicious video file.
apply_sao_internal
sao.cc
github.com/advisories/GHSA-cq68-4f8j-mf92
github.com/strukturag/libde265/blob/v1.0.9/libde265/sao.cc#L29
github.com/strukturag/libde265/issues/352
lists.debian.org/debian-lts-announce/2023/01/msg00020.html
www.debian.org/security/2023/dsa-5346