Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:apk/alpine/libde265@1.0.8-r2?arch=x86&distroversion=v3.14&reponame=main

Type apk

Namespace alpine

Name libde265

Version 1.0.8-r2

Qualifiers

arch	x86
distroversion	v3.14
reponame	main

Subpath

Is_vulnerable false

Next_non_vulnerable_version 1.0.11-r0

Latest_non_vulnerable_version 1.0.11-r1

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-5pkw-zxxy-p7bn

vulnerability_id VCID-5pkw-zxxy-p7bn

summary

Out-of-bounds Read
An issue has been found in libde265 v1.0.8 due to incorrect access control. A SEGV caused by a READ memory access in function `derive_boundaryStrength` of `deblock.cc` has occurred. The vulnerability causes a segmentation fault and application crash, which leads to remote denial of service.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-36411

reference_id

reference_type

scores

value	0.00156
scoring_system	epss
scoring_elements	0.36033
published_at	2026-05-30T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-36411

reference_url	https://github.com/strukturag/libde265/issues/302
reference_id
reference_type
scores
url	https://github.com/strukturag/libde265/issues/302

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014977
reference_id	1014977
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014977

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2021-36411
reference_id	CVE-2021-36411
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2021-36411

reference_url	https://security.gentoo.org/glsa/202408-20
reference_id	GLSA-202408-20
reference_type
scores
url	https://security.gentoo.org/glsa/202408-20

reference_url	https://usn.ubuntu.com/6627-1/
reference_id	USN-6627-1
reference_type
scores
url	https://usn.ubuntu.com/6627-1/

fixed_packages

url	pkg:apk/alpine/libde265@1.0.8-r2?arch=x86&distroversion=v3.14&reponame=main
purl	pkg:apk/alpine/libde265@1.0.8-r2?arch=x86&distroversion=v3.14&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libde265@1.0.8-r2%3Farch=x86&distroversion=v3.14&reponame=main

aliases CVE-2021-36411

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5pkw-zxxy-p7bn

url VCID-5srn-2sfd-5be1

vulnerability_id VCID-5srn-2sfd-5be1

summary An Out-of-bounds Read vulnerability exists in libde265 due to a SEGV in `slice.cc`.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-35452

reference_id

reference_type

scores

value	0.00136
scoring_system	epss
scoring_elements	0.33175
published_at	2026-05-30T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-35452

reference_url	https://github.com/strukturag/libde265/issues/298
reference_id
reference_type
scores
url	https://github.com/strukturag/libde265/issues/298

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014977
reference_id	1014977
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014977

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2021-35452
reference_id	CVE-2021-35452
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2021-35452

reference_url	https://security.gentoo.org/glsa/202408-20
reference_id	GLSA-202408-20
reference_type
scores
url	https://security.gentoo.org/glsa/202408-20

reference_url	https://usn.ubuntu.com/6627-1/
reference_id	USN-6627-1
reference_type
scores
url	https://usn.ubuntu.com/6627-1/

fixed_packages

url	pkg:apk/alpine/libde265@1.0.8-r2?arch=x86&distroversion=v3.14&reponame=main
purl	pkg:apk/alpine/libde265@1.0.8-r2?arch=x86&distroversion=v3.14&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libde265@1.0.8-r2%3Farch=x86&distroversion=v3.14&reponame=main

aliases CVE-2021-35452

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5srn-2sfd-5be1

url VCID-pdaa-ef9h-eyh2

vulnerability_id VCID-pdaa-ef9h-eyh2

summary

Out-of-bounds Write
Heap-based Buffer Overflow in GitHub repository strukturag/libde265 prior to and including 1.0.8. The fix is established in commit 8e89fe0e175d2870c39486fdd09250b230ec10b8 but does not yet belong to an official release.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-1253

reference_id

reference_type

scores

value	0.00482
scoring_system	epss
scoring_elements	0.65454
published_at	2026-05-30T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-1253

reference_url	https://github.com/strukturag/libde265/commit/8e89fe0e175d2870c39486fdd09250b230ec10b8
reference_id
reference_type
scores
url	https://github.com/strukturag/libde265/commit/8e89fe0e175d2870c39486fdd09250b230ec10b8

reference_url	https://huntr.dev/bounties/1-other-strukturag/libde265
reference_id
reference_type
scores
url	https://huntr.dev/bounties/1-other-strukturag/libde265

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014977
reference_id	1014977
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014977

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2022-1253
reference_id	CVE-2022-1253
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2022-1253

reference_url	https://security.gentoo.org/glsa/202408-20
reference_id	GLSA-202408-20
reference_type
scores
url	https://security.gentoo.org/glsa/202408-20

reference_url	https://usn.ubuntu.com/6627-1/
reference_id	USN-6627-1
reference_type
scores
url	https://usn.ubuntu.com/6627-1/

fixed_packages

url	pkg:apk/alpine/libde265@1.0.8-r2?arch=x86&distroversion=v3.14&reponame=main
purl	pkg:apk/alpine/libde265@1.0.8-r2?arch=x86&distroversion=v3.14&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libde265@1.0.8-r2%3Farch=x86&distroversion=v3.14&reponame=main

aliases CVE-2022-1253

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pdaa-ef9h-eyh2

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libde265@1.0.8-r2%3Farch=x86&distroversion=v3.14&reponame=main

Package Instance