libde265.so is vulnerable to heap-based buffer overflow. The vulnerability exists due to a lack of validation the derive_spatial_luma_vector_prediction
functions in motion.cc.
which allows an attacker to parse a crafted file, causing an application crash.