Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:conan/libde265@1.0.10
Typeconan
Namespace
Namelibde265
Version1.0.10
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version1.0.12
Latest_non_vulnerable_version1.0.15
Affected_by_vulnerabilities
0
url VCID-1crc-jgdq-f3dg
vulnerability_id VCID-1crc-jgdq-f3dg
summary 
NULL Pointer Dereference
libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the ff_hevc_put_hevc_epel_pixels_8_sse function at sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input file.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-24752
reference_id
reference_type
scores
0
value 0.00033
scoring_system epss
scoring_elements 0.10289
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-24752
1
reference_url https://github.com/strukturag/libde265/issues/378
reference_id
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-07T17:36:36Z/
url https://github.com/strukturag/libde265/issues/378
2
reference_url https://lists.debian.org/debian-lts-announce/2023/03/msg00004.html
reference_id
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-07T17:36:36Z/
url https://lists.debian.org/debian-lts-announce/2023/03/msg00004.html
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-24752
reference_id CVE-2023-24752
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2023-24752
4
reference_url https://security.gentoo.org/glsa/202408-20
reference_id GLSA-202408-20
reference_type
scores
url https://security.gentoo.org/glsa/202408-20
5
reference_url https://usn.ubuntu.com/6659-1/
reference_id USN-6659-1
reference_type
scores
url https://usn.ubuntu.com/6659-1/
fixed_packages
aliases CVE-2023-24752
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1crc-jgdq-f3dg
1
url VCID-8ep6-cs6a-fua1
vulnerability_id VCID-8ep6-cs6a-fua1
summary 
NULL Pointer Dereference
libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the ff_hevc_put_weighted_pred_avg_8_sse function at sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input file.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-24758
reference_id
reference_type
scores
0
value 0.00033
scoring_system epss
scoring_elements 0.10289
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-24758
1
reference_url https://github.com/strukturag/libde265/issues/383
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-07T20:34:24Z/
url https://github.com/strukturag/libde265/issues/383
2
reference_url https://lists.debian.org/debian-lts-announce/2023/03/msg00004.html
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-07T20:34:24Z/
url https://lists.debian.org/debian-lts-announce/2023/03/msg00004.html
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-24758
reference_id CVE-2023-24758
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2023-24758
4
reference_url https://security.gentoo.org/glsa/202408-20
reference_id GLSA-202408-20
reference_type
scores
url https://security.gentoo.org/glsa/202408-20
5
reference_url https://usn.ubuntu.com/6659-1/
reference_id USN-6659-1
reference_type
scores
url https://usn.ubuntu.com/6659-1/
fixed_packages
aliases CVE-2023-24758
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8ep6-cs6a-fua1
2
url VCID-eaue-8qs5-5qct
vulnerability_id VCID-eaue-8qs5-5qct
summary 
NULL Pointer Dereference
libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the mc_chroma function at motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input file.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-24751
reference_id
reference_type
scores
0
value 0.0036
scoring_system epss
scoring_elements 0.58434
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-24751
1
reference_url https://github.com/strukturag/libde265/issues/379
reference_id
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-07T17:37:46Z/
url https://github.com/strukturag/libde265/issues/379
2
reference_url https://lists.debian.org/debian-lts-announce/2023/03/msg00004.html
reference_id
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-07T17:37:46Z/
url https://lists.debian.org/debian-lts-announce/2023/03/msg00004.html
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-24751
reference_id CVE-2023-24751
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2023-24751
4
reference_url https://security.gentoo.org/glsa/202408-20
reference_id GLSA-202408-20
reference_type
scores
url https://security.gentoo.org/glsa/202408-20
5
reference_url https://usn.ubuntu.com/6659-1/
reference_id USN-6659-1
reference_type
scores
url https://usn.ubuntu.com/6659-1/
fixed_packages
aliases CVE-2023-24751
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-eaue-8qs5-5qct
3
url VCID-f5de-n6k9-tqaz
vulnerability_id VCID-f5de-n6k9-tqaz
summary 
Out-of-bounds Write
Libde265 v1.0.10 was discovered to contain a heap-buffer-overflow vulnerability in the derive_spatial_luma_vector_prediction function in motion.cc.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-25221
reference_id
reference_type
scores
0
value 0.00038
scoring_system epss
scoring_elements 0.11663
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-25221
1
reference_url https://github.com/strukturag/libde265/issues/388
reference_id
reference_type
scores
0
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-03-07T17:35:11Z/
url https://github.com/strukturag/libde265/issues/388
2
reference_url https://lists.debian.org/debian-lts-announce/2023/03/msg00004.html
reference_id
reference_type
scores
0
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-03-07T17:35:11Z/
url https://lists.debian.org/debian-lts-announce/2023/03/msg00004.html
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-25221
reference_id CVE-2023-25221
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2023-25221
4
reference_url https://security.gentoo.org/glsa/202408-20
reference_id GLSA-202408-20
reference_type
scores
url https://security.gentoo.org/glsa/202408-20
5
reference_url https://usn.ubuntu.com/6659-1/
reference_id USN-6659-1
reference_type
scores
url https://usn.ubuntu.com/6659-1/
fixed_packages
aliases CVE-2023-25221
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-f5de-n6k9-tqaz
4
url VCID-m552-seqr-eqak
vulnerability_id VCID-m552-seqr-eqak
summary 
NULL Pointer Dereference
libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the ff_hevc_put_unweighted_pred_8_sse function at sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input file.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-24756
reference_id
reference_type
scores
0
value 0.00033
scoring_system epss
scoring_elements 0.10289
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-24756
1
reference_url https://github.com/strukturag/libde265/issues/380
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-07T20:35:17Z/
url https://github.com/strukturag/libde265/issues/380
2
reference_url https://lists.debian.org/debian-lts-announce/2023/03/msg00004.html
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-07T20:35:17Z/
url https://lists.debian.org/debian-lts-announce/2023/03/msg00004.html
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-24756
reference_id CVE-2023-24756
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2023-24756
4
reference_url https://security.gentoo.org/glsa/202408-20
reference_id GLSA-202408-20
reference_type
scores
url https://security.gentoo.org/glsa/202408-20
5
reference_url https://usn.ubuntu.com/6659-1/
reference_id USN-6659-1
reference_type
scores
url https://usn.ubuntu.com/6659-1/
fixed_packages
aliases CVE-2023-24756
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m552-seqr-eqak
5
url VCID-t3p7-1a7s-jkf6
vulnerability_id VCID-t3p7-1a7s-jkf6
summary 
NULL Pointer Dereference
libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the put_unweighted_pred_16_fallback function at fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input file.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-24757
reference_id
reference_type
scores
0
value 0.00023
scoring_system epss
scoring_elements 0.068
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-24757
1
reference_url https://github.com/strukturag/libde265/issues/385
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-07T16:06:34Z/
url https://github.com/strukturag/libde265/issues/385
2
reference_url https://lists.debian.org/debian-lts-announce/2023/03/msg00004.html
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-07T16:06:34Z/
url https://lists.debian.org/debian-lts-announce/2023/03/msg00004.html
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-24757
reference_id CVE-2023-24757
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2023-24757
4
reference_url https://security.gentoo.org/glsa/202408-20
reference_id GLSA-202408-20
reference_type
scores
url https://security.gentoo.org/glsa/202408-20
5
reference_url https://usn.ubuntu.com/6659-1/
reference_id USN-6659-1
reference_type
scores
url https://usn.ubuntu.com/6659-1/
fixed_packages
aliases CVE-2023-24757
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-t3p7-1a7s-jkf6
6
url VCID-t4ef-ythe-jfa9
vulnerability_id VCID-t4ef-ythe-jfa9
summary 
NULL Pointer Dereference
libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the put_weighted_pred_8_fallback function at fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input file.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-24755
reference_id
reference_type
scores
0
value 0.00033
scoring_system epss
scoring_elements 0.10289
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-24755
1
reference_url https://github.com/strukturag/libde265/issues/384
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-07T20:36:15Z/
url https://github.com/strukturag/libde265/issues/384
2
reference_url https://lists.debian.org/debian-lts-announce/2023/03/msg00004.html
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-07T20:36:15Z/
url https://lists.debian.org/debian-lts-announce/2023/03/msg00004.html
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-24755
reference_id CVE-2023-24755
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2023-24755
4
reference_url https://security.gentoo.org/glsa/202408-20
reference_id GLSA-202408-20
reference_type
scores
url https://security.gentoo.org/glsa/202408-20
5
reference_url https://usn.ubuntu.com/6659-1/
reference_id USN-6659-1
reference_type
scores
url https://usn.ubuntu.com/6659-1/
fixed_packages
aliases CVE-2023-24755
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-t4ef-ythe-jfa9
7
url VCID-vdq8-ksuf-u7hk
vulnerability_id VCID-vdq8-ksuf-u7hk
summary 
NULL Pointer Dereference
libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the ff_hevc_put_weighted_pred_avg_8_sse function at sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input file.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-24754
reference_id
reference_type
scores
0
value 0.00033
scoring_system epss
scoring_elements 0.10289
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-24754
1
reference_url https://github.com/strukturag/libde265/issues/382
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-07T20:37:06Z/
url https://github.com/strukturag/libde265/issues/382
2
reference_url https://lists.debian.org/debian-lts-announce/2023/03/msg00004.html
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-07T20:37:06Z/
url https://lists.debian.org/debian-lts-announce/2023/03/msg00004.html
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-24754
reference_id CVE-2023-24754
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2023-24754
4
reference_url https://security.gentoo.org/glsa/202408-20
reference_id GLSA-202408-20
reference_type
scores
url https://security.gentoo.org/glsa/202408-20
5
reference_url https://usn.ubuntu.com/6659-1/
reference_id USN-6659-1
reference_type
scores
url https://usn.ubuntu.com/6659-1/
fixed_packages
aliases CVE-2023-24754
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vdq8-ksuf-u7hk
Fixing_vulnerabilities
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:conan/libde265@1.0.10