CVE-2022-1253 HIGH

CVE-2022-1253: Heap-based Buffer Overflow in strukturag/libde265

Vendor Strukturag
Product strukturag/libde265
Weakness CWE-122
Published April 6, 2022
Last update August 2, 2024

CVSS base score

7.4/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality Low
Integrity Low

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L

What the vulnerability does

01Description

Heap-based Buffer Overflow in GitHub repository strukturag/libde265 prior to and including 1.0.8. The fix is established in commit 8e89fe0e175d2870c39486fdd09250b230ec10b8 but does not yet belong to an official release.

Key dates

02Disclosure timeline

April 6, 2022 CVE published
August 2, 2024 Record updated