CVE-2020-21598

Published: 16 September 2021

libde265 v1.0.4 contains a heap buffer overflow in the ff_hevc_put_unweighted_pred_8_sse function, which can be exploited via a crafted a file.

Priority

CVSS 3 base score: 8.8

Status

Package	Release	Status
libde265 Launchpad, Ubuntu, Debian	bionic	Needs triage
	focal	Needs triage
	hirsute	Ignored (reached end-of-life)
	impish	Ignored (reached end-of-life)
	jammy	Needs triage
	trusty	Does not exist
	upstream	Needs triage
	xenial	Ignored (out of standard support)

Canonical is offering Ubuntu Extended Security Maintenance (ESM) for security fixes and essential packages.