{"id":"CVE-2022-1253","summary":"Heap-based Buffer Overflow in strukturag/libde265","details":"Heap-based Buffer Overflow in GitHub repository strukturag/libde265 prior to and including 1.0.8. The fix is established in commit 8e89fe0e175d2870c39486fdd09250b230ec10b8 but does not yet belong to an official release.","modified":"2026-04-09T08:07:57.674377Z","published":"2022-04-06T00:00:00Z","related":["MGASA-2023-0093"],"database_specific":{"cna_assigner":"@huntrdev","cwe_ids":["CWE-122"],"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/1xxx/CVE-2022-1253.json"},"references":[{"type":"WEB","url":"https://huntr.dev/bounties/1-other-strukturag/libde265"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/1xxx/CVE-2022-1253.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-1253"},{"type":"ADVISORY","url":"https://www.debian.org/security/2023/dsa-5346"},{"type":"FIX","url":"https://github.com/strukturag/libde265/commit/8e89fe0e175d2870c39486fdd09250b230ec10b8"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/strukturag/libde265","events":[{"introduced":"0"},{"fixed":"8e89fe0e175d2870c39486fdd09250b230ec10b8"}]}],"versions":["v0.1","v0.2","v0.3","v0.4","v0.5","v1.0.0","v1.0.3","v1.0.4","v1.0.5","v1.0.6","v1.0.7","v1.0.8"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-1253.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L"}]}