Libde265 v1.0.12 was discovered to contain multiple buffer overflows via the numtilecolumns and numtilerow parameters in the function picparameterset::dump.
{ "vanir_signatures": [ { "digest": { "function_hash": "115318745234840897845172318388566652946", "length": 468.0 }, "id": "CVE-2023-43887-33eaefc0", "source": "https://github.com/strukturag/libde265/commit/63b596c915977f038eafd7647d1db25488a8c133", "signature_version": "v1", "signature_type": "Function", "target": { "file": "libde265/decctx.cc", "function": "decoder_context::read_pps_NAL" }, "deprecated": false }, { "digest": { "threshold": 0.9, "line_hashes": [ "145631099459763226381212929949972107850", "329025106158059296245517650606473879127", "224877373758412648504169160339250263469", "33325110550459107806935975561007447492", "67677560191946787987919874293443464310", "150421879833117031061740108422218256599", "313785268145090874383446176971876695378", "53004177848232812490147634192017942808", "240418118779755308749764802555398091281", "194908936974693031164250873985602853148", "122689502183537620170736254362945799620" ] }, "id": "CVE-2023-43887-af066c82", "source": "https://github.com/strukturag/libde265/commit/63b596c915977f038eafd7647d1db25488a8c133", "signature_version": "v1", "signature_type": "Line", "target": { "file": "libde265/decctx.cc" }, "deprecated": false } ] }