Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-61un-k2qx-vugt

Summary

Use After Free
There is a Heap-use-after-free in `intrapred.h` when decoding a file using `dec265`.

Aliases

alias	CVE-2021-36408

Fixed_packages

url	pkg:apk/alpine/libde265@1.0.8-r2?arch=aarch64&distroversion=v3.15&reponame=main
purl	pkg:apk/alpine/libde265@1.0.8-r2?arch=aarch64&distroversion=v3.15&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libde265@1.0.8-r2%3Farch=aarch64&distroversion=v3.15&reponame=main

url	pkg:apk/alpine/libde265@1.0.8-r2?arch=aarch64&distroversion=v3.17&reponame=main
purl	pkg:apk/alpine/libde265@1.0.8-r2?arch=aarch64&distroversion=v3.17&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libde265@1.0.8-r2%3Farch=aarch64&distroversion=v3.17&reponame=main

url	pkg:apk/alpine/libde265@1.0.8-r2?arch=aarch64&distroversion=v3.18&reponame=main
purl	pkg:apk/alpine/libde265@1.0.8-r2?arch=aarch64&distroversion=v3.18&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libde265@1.0.8-r2%3Farch=aarch64&distroversion=v3.18&reponame=main

url	pkg:apk/alpine/libde265@1.0.8-r2?arch=aarch64&distroversion=v3.20&reponame=main
purl	pkg:apk/alpine/libde265@1.0.8-r2?arch=aarch64&distroversion=v3.20&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libde265@1.0.8-r2%3Farch=aarch64&distroversion=v3.20&reponame=main

url	pkg:apk/alpine/libde265@1.0.8-r2?arch=armhf&distroversion=v3.15&reponame=main
purl	pkg:apk/alpine/libde265@1.0.8-r2?arch=armhf&distroversion=v3.15&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libde265@1.0.8-r2%3Farch=armhf&distroversion=v3.15&reponame=main

url	pkg:apk/alpine/libde265@1.0.8-r2?arch=armhf&distroversion=v3.17&reponame=main
purl	pkg:apk/alpine/libde265@1.0.8-r2?arch=armhf&distroversion=v3.17&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libde265@1.0.8-r2%3Farch=armhf&distroversion=v3.17&reponame=main

url	pkg:apk/alpine/libde265@1.0.8-r2?arch=armhf&distroversion=v3.18&reponame=main
purl	pkg:apk/alpine/libde265@1.0.8-r2?arch=armhf&distroversion=v3.18&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libde265@1.0.8-r2%3Farch=armhf&distroversion=v3.18&reponame=main

url	pkg:apk/alpine/libde265@1.0.8-r2?arch=armhf&distroversion=v3.20&reponame=main
purl	pkg:apk/alpine/libde265@1.0.8-r2?arch=armhf&distroversion=v3.20&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libde265@1.0.8-r2%3Farch=armhf&distroversion=v3.20&reponame=main

url	pkg:apk/alpine/libde265@1.0.8-r2?arch=armv7&distroversion=v3.15&reponame=main
purl	pkg:apk/alpine/libde265@1.0.8-r2?arch=armv7&distroversion=v3.15&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libde265@1.0.8-r2%3Farch=armv7&distroversion=v3.15&reponame=main

url	pkg:apk/alpine/libde265@1.0.8-r2?arch=armv7&distroversion=v3.17&reponame=main
purl	pkg:apk/alpine/libde265@1.0.8-r2?arch=armv7&distroversion=v3.17&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libde265@1.0.8-r2%3Farch=armv7&distroversion=v3.17&reponame=main

url	pkg:apk/alpine/libde265@1.0.8-r2?arch=armv7&distroversion=v3.18&reponame=main
purl	pkg:apk/alpine/libde265@1.0.8-r2?arch=armv7&distroversion=v3.18&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libde265@1.0.8-r2%3Farch=armv7&distroversion=v3.18&reponame=main

url	pkg:apk/alpine/libde265@1.0.8-r2?arch=armv7&distroversion=v3.20&reponame=main
purl	pkg:apk/alpine/libde265@1.0.8-r2?arch=armv7&distroversion=v3.20&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libde265@1.0.8-r2%3Farch=armv7&distroversion=v3.20&reponame=main

url	pkg:apk/alpine/libde265@1.0.8-r2?arch=ppc64le&distroversion=v3.15&reponame=main
purl	pkg:apk/alpine/libde265@1.0.8-r2?arch=ppc64le&distroversion=v3.15&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libde265@1.0.8-r2%3Farch=ppc64le&distroversion=v3.15&reponame=main

url	pkg:apk/alpine/libde265@1.0.8-r2?arch=ppc64le&distroversion=v3.17&reponame=main
purl	pkg:apk/alpine/libde265@1.0.8-r2?arch=ppc64le&distroversion=v3.17&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libde265@1.0.8-r2%3Farch=ppc64le&distroversion=v3.17&reponame=main

url	pkg:apk/alpine/libde265@1.0.8-r2?arch=ppc64le&distroversion=v3.18&reponame=main
purl	pkg:apk/alpine/libde265@1.0.8-r2?arch=ppc64le&distroversion=v3.18&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libde265@1.0.8-r2%3Farch=ppc64le&distroversion=v3.18&reponame=main

url	pkg:apk/alpine/libde265@1.0.8-r2?arch=ppc64le&distroversion=v3.20&reponame=main
purl	pkg:apk/alpine/libde265@1.0.8-r2?arch=ppc64le&distroversion=v3.20&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libde265@1.0.8-r2%3Farch=ppc64le&distroversion=v3.20&reponame=main

url	pkg:apk/alpine/libde265@1.0.8-r2?arch=riscv64&distroversion=v3.20&reponame=main
purl	pkg:apk/alpine/libde265@1.0.8-r2?arch=riscv64&distroversion=v3.20&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libde265@1.0.8-r2%3Farch=riscv64&distroversion=v3.20&reponame=main

url	pkg:apk/alpine/libde265@1.0.8-r2?arch=s390x&distroversion=v3.15&reponame=main
purl	pkg:apk/alpine/libde265@1.0.8-r2?arch=s390x&distroversion=v3.15&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libde265@1.0.8-r2%3Farch=s390x&distroversion=v3.15&reponame=main

url	pkg:apk/alpine/libde265@1.0.8-r2?arch=s390x&distroversion=v3.17&reponame=main
purl	pkg:apk/alpine/libde265@1.0.8-r2?arch=s390x&distroversion=v3.17&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libde265@1.0.8-r2%3Farch=s390x&distroversion=v3.17&reponame=main

url	pkg:apk/alpine/libde265@1.0.8-r2?arch=s390x&distroversion=v3.18&reponame=main
purl	pkg:apk/alpine/libde265@1.0.8-r2?arch=s390x&distroversion=v3.18&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libde265@1.0.8-r2%3Farch=s390x&distroversion=v3.18&reponame=main

url	pkg:apk/alpine/libde265@1.0.8-r2?arch=s390x&distroversion=v3.20&reponame=main
purl	pkg:apk/alpine/libde265@1.0.8-r2?arch=s390x&distroversion=v3.20&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libde265@1.0.8-r2%3Farch=s390x&distroversion=v3.20&reponame=main

url	pkg:apk/alpine/libde265@1.0.8-r2?arch=x86_64&distroversion=v3.15&reponame=main
purl	pkg:apk/alpine/libde265@1.0.8-r2?arch=x86_64&distroversion=v3.15&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libde265@1.0.8-r2%3Farch=x86_64&distroversion=v3.15&reponame=main

url	pkg:apk/alpine/libde265@1.0.8-r2?arch=x86_64&distroversion=v3.17&reponame=main
purl	pkg:apk/alpine/libde265@1.0.8-r2?arch=x86_64&distroversion=v3.17&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libde265@1.0.8-r2%3Farch=x86_64&distroversion=v3.17&reponame=main

url	pkg:apk/alpine/libde265@1.0.8-r2?arch=x86_64&distroversion=v3.18&reponame=main
purl	pkg:apk/alpine/libde265@1.0.8-r2?arch=x86_64&distroversion=v3.18&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libde265@1.0.8-r2%3Farch=x86_64&distroversion=v3.18&reponame=main

url	pkg:apk/alpine/libde265@1.0.8-r2?arch=x86_64&distroversion=v3.20&reponame=main
purl	pkg:apk/alpine/libde265@1.0.8-r2?arch=x86_64&distroversion=v3.20&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libde265@1.0.8-r2%3Farch=x86_64&distroversion=v3.20&reponame=main

url	pkg:apk/alpine/libde265@1.0.8-r2?arch=x86&distroversion=v3.15&reponame=main
purl	pkg:apk/alpine/libde265@1.0.8-r2?arch=x86&distroversion=v3.15&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libde265@1.0.8-r2%3Farch=x86&distroversion=v3.15&reponame=main

url	pkg:apk/alpine/libde265@1.0.8-r2?arch=x86&distroversion=v3.17&reponame=main
purl	pkg:apk/alpine/libde265@1.0.8-r2?arch=x86&distroversion=v3.17&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libde265@1.0.8-r2%3Farch=x86&distroversion=v3.17&reponame=main

url	pkg:apk/alpine/libde265@1.0.8-r2?arch=x86&distroversion=v3.18&reponame=main
purl	pkg:apk/alpine/libde265@1.0.8-r2?arch=x86&distroversion=v3.18&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libde265@1.0.8-r2%3Farch=x86&distroversion=v3.18&reponame=main

url	pkg:apk/alpine/libde265@1.0.8-r2?arch=x86&distroversion=v3.20&reponame=main
purl	pkg:apk/alpine/libde265@1.0.8-r2?arch=x86&distroversion=v3.20&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libde265@1.0.8-r2%3Farch=x86&distroversion=v3.20&reponame=main

url	pkg:deb/debian/libde265@1.0.8-1.1?distro=trixie
purl	pkg:deb/debian/libde265@1.0.8-1.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libde265@1.0.8-1.1%3Fdistro=trixie

url	pkg:deb/debian/libde265@1.0.11-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/libde265@1.0.11-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libde265@1.0.11-0%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/libde265@1.0.11-0%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/libde265@1.0.11-0%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7de8-hk93-e3ae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libde265@1.0.11-0%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/libde265@1.0.11-1%2Bdeb12u2?distro=trixie

purl pkg:deb/debian/libde265@1.0.11-1%2Bdeb12u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3azb-mxtp-cbe1

vulnerability	VCID-7de8-hk93-e3ae

vulnerability	VCID-7nst-d47y-skbm

vulnerability	VCID-t9wp-11kv-tkdc

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libde265@1.0.11-1%252Bdeb12u2%3Fdistro=trixie

url pkg:deb/debian/libde265@1.0.15-1?distro=trixie

purl pkg:deb/debian/libde265@1.0.15-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3azb-mxtp-cbe1

vulnerability	VCID-7de8-hk93-e3ae

vulnerability	VCID-7nst-d47y-skbm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libde265@1.0.15-1%3Fdistro=trixie

url	pkg:deb/debian/libde265@1.0.18-1?distro=trixie
purl	pkg:deb/debian/libde265@1.0.18-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libde265@1.0.18-1%3Fdistro=trixie

url	pkg:ebuild/media-libs/libde265@1.0.11
purl	pkg:ebuild/media-libs/libde265@1.0.11
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/media-libs/libde265@1.0.11

Affected_packages

url pkg:conan/libde265@1.0.8

purl pkg:conan/libde265@1.0.8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5pkw-zxxy-p7bn

vulnerability	VCID-5srn-2sfd-5be1

vulnerability	VCID-61un-k2qx-vugt

vulnerability	VCID-728j-byyt-t7bc

vulnerability	VCID-dj35-f5dk-zyc9

vulnerability	VCID-pdaa-ef9h-eyh2

resource_url http://public2.vulnerablecode.io/packages/pkg:conan/libde265@1.0.8

References

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-36408

reference_id

reference_type

scores

value	0.00103
scoring_system	epss
scoring_elements	0.2784
published_at	2026-05-30T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-36408

reference_url	https://github.com/strukturag/libde265/issues/299
reference_id
reference_type
scores
url	https://github.com/strukturag/libde265/issues/299

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014977
reference_id	1014977
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014977

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2021-36408
reference_id	CVE-2021-36408
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2021-36408

reference_url	https://security.gentoo.org/glsa/202408-20
reference_id	GLSA-202408-20
reference_type
scores
url	https://security.gentoo.org/glsa/202408-20

reference_url	https://usn.ubuntu.com/6617-1/
reference_id	USN-6617-1
reference_type
scores
url	https://usn.ubuntu.com/6617-1/

reference_url	https://usn.ubuntu.com/6627-1/
reference_id	USN-6627-1
reference_type
scores
url	https://usn.ubuntu.com/6627-1/

Weaknesses

cwe_id	1035
name	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.

cwe_id	416
name	Use After Free
description	Referencing memory after it has been freed can cause a program to crash, use unexpected values, or execute code.

cwe_id	937
name	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.

Exploits

Severity_range_score null

Exploitability 0.5

Weighted_severity 0.0

Risk_score null

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-61un-k2qx-vugt

Vulnerability Instance