First published: Wed Apr 06 2022
Heap-based buffer overflow in the GitHub repository strukturag/libde265, in versions up to and including 1.0.8. The fix is in commit 8e89fe0e175d2870c39486fdd09250b230ec10b8 but is not yet part of an official release.
Credit: security@huntr.dev
Affected Software | Affected Version | How to fix |
---|---|---|
Struktur Libde265 | <=1.0.8 | |
debian/libde265 | 1.0.11-0+deb11u3, 1.0.11-0+deb11u1, 1.0.11-1+deb12u2, 1.0.15-1 | |
CVE-2022-1253 is a heap-based buffer overflow vulnerability in the GitHub repository strukturag/libde265 prior to and including version 1.0.8.
CVE-2022-1253 has a severity rating of 9.8 (Critical).
To fix CVE-2022-1253, you should update the libde265 package to a version that includes the fix, such as 1.0.11-1.
You can find more information about CVE-2022-1253 at the following references: [Debian Security Tracker](https://security-tracker.debian.org/tracker/CVE-2022-1253), [Huntr.dev](https://huntr.dev/bounties/1-other-strukturag/libde265/), and [GitHub Commit](https://github.com/strukturag/libde265/commit/8e89fe0e175d2870c39486fdd09250b230ec10b8).
The CWE IDs associated with CVE-2022-1253 are 119, 122, and 787.