CVE-2022-1253
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2022-1253
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-1253.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2022-1253
- Downstream
- Related
- Published
- 2022-04-06T00:00:00Z
- Modified
- 2025-11-28T02:35:11.507714Z
- Severity
-
- 7.4 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L CVSS Calculator
- Summary
- Heap-based Buffer Overflow in strukturag/libde265
- Details
-
Heap-based Buffer Overflow in GitHub repository strukturag/libde265 prior to and including 1.0.8. The fix is established in commit 8e89fe0e175d2870c39486fdd09250b230ec10b8 but does not yet belong to an official release.
- Database specific
{ "cna_assigner": "@huntrdev", "cwe_ids": [ "CWE-122" ], "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/1xxx/CVE-2022-1253.json" }- References
-
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/1xxx/CVE-2022-1253.json
- https://github.com/strukturag/libde265/commit/8e89fe0e175d2870c39486fdd09250b230ec10b8
- https://huntr.dev/bounties/1-other-strukturag/libde265
- https://nvd.nist.gov/vuln/detail/CVE-2022-1253
- https://www.debian.org/security/2023/dsa-5346
Affected packages
Git / github.com/strukturag/libde265
Affected ranges
- Type
- GIT
- Repo
- https://github.com/strukturag/libde265
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
v0.*
v0.1
v0.10
v0.2
v0.3
v0.4
v0.5
v0.6
v0.7
v0.8
v0.9
v1.*
v1.0.0
v1.0.1
v1.0.2
v1.0.3
v1.0.4
v1.0.5
v1.0.6
v1.0.7
v1.0.8
Database specific
vanir_signatures
[
{
"source": "https://github.com/strukturag/libde265/commit/8e89fe0e175d2870c39486fdd09250b230ec10b8",
"id": "CVE-2022-1253-1e63198b",
"target": {
"file": "libde265/sps.cc"
},
"signature_type": "Line",
"deprecated": false,
"digest": {
"threshold": 0.9,
"line_hashes": [
"202132813394368793252372296038490491884",
"57480292275328694761362079404650047886",
"190249936156149638369287607618362334172",
"338924197999826606531167202863109123947"
]
},
"signature_version": "v1"
},
{
"source": "https://github.com/strukturag/libde265/commit/8e89fe0e175d2870c39486fdd09250b230ec10b8",
"id": "CVE-2022-1253-26a64cac",
"target": {
"function": "seq_parameter_set::read",
"file": "libde265/sps.cc"
},
"signature_type": "Function",
"deprecated": false,
"digest": {
"length": 7276.0,
"function_hash": "210121378190826524042207948115195377071"
},
"signature_version": "v1"
},
{
"source": "https://github.com/strukturag/libde265/commit/8e89fe0e175d2870c39486fdd09250b230ec10b8",
"id": "CVE-2022-1253-58fc3190",
"target": {
"function": "video_usability_information::hrd_parameters",
"file": "libde265/vui.cc"
},
"signature_type": "Function",
"deprecated": false,
"digest": {
"length": 2316.0,
"function_hash": "253210681964015321300872825600936547057"
},
"signature_version": "v1"
},
{
"source": "https://github.com/strukturag/libde265/commit/8e89fe0e175d2870c39486fdd09250b230ec10b8",
"id": "CVE-2022-1253-767fd50d",
"target": {
"function": "video_usability_information::read",
"file": "libde265/vui.cc"
},
"signature_type": "Function",
"deprecated": false,
"digest": {
"length": 4653.0,
"function_hash": "108937228968666756325575206902695273073"
},
"signature_version": "v1"
},
{
"source": "https://github.com/strukturag/libde265/commit/8e89fe0e175d2870c39486fdd09250b230ec10b8",
"id": "CVE-2022-1253-e65faec8",
"target": {
"file": "libde265/vui.cc"
},
"signature_type": "Line",
"deprecated": false,
"digest": {
"threshold": 0.9,
"line_hashes": [
"215776908352763999638890499227187466087",
"58775356746445001299908757144270239703",
"187492830555761779351243266096542272725",
"277794084751432947785638582084017446768",
"140077959662551403007061336466746842142",
"188339106116204205175380359552263948081",
"302905903411076490407846549385153749993",
"287508263667589468781989154551970454654"
]
},
"signature_version": "v1"
}
]