{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/16974?format=json","vulnerability_id":"VCID-8ep6-cs6a-fua1","summary":"NULL Pointer Dereference\nlibde265 v1.0.10 was discovered to contain a NULL pointer dereference in the ff_hevc_put_weighted_pred_avg_8_sse function at sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input file.","aliases":[{"alias":"CVE-2023-24758"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/183880?format=json","purl":"pkg:deb/debian/libde265@1.0.11-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libde265@1.0.11-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/416353?format=json","purl":"pkg:deb/debian/libde265@1.0.11-0%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7de8-hk93-e3ae"},{"vulnerability":"VCID-7nst-d47y-skbm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libde265@1.0.11-0%252Bdeb11u3"},{"url":"http://public2.vulnerablecode.io/api/packages/183879?format=json","purl":"pkg:deb/debian/libde265@1.0.11-0%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7de8-hk93-e3ae"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libde265@1.0.11-0%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/183884?format=json","purl":"pkg:deb/debian/libde265@1.0.11-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libde265@1.0.11-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/183877?format=json","purl":"pkg:deb/debian/libde265@1.0.11-1%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3azb-mxtp-cbe1"},{"vulnerability":"VCID-7de8-hk93-e3ae"},{"vulnerability":"VCID-7nst-d47y-skbm"},{"vulnerability":"VCID-t9wp-11kv-tkdc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libde265@1.0.11-1%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/183882?format=json","purl":"pkg:deb/debian/libde265@1.0.15-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3azb-mxtp-cbe1"},{"vulnerability":"VCID-7de8-hk93-e3ae"},{"vulnerability":"VCID-7nst-d47y-skbm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libde265@1.0.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/183881?format=json","purl":"pkg:deb/debian/libde265@1.0.18-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libde265@1.0.18-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/194519?format=json","purl":"pkg:ebuild/media-libs/libde265@1.0.11","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/media-libs/libde265@1.0.11"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/62913?format=json","purl":"pkg:conan/libde265@1.0.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1crc-jgdq-f3dg"},{"vulnerability":"VCID-8ep6-cs6a-fua1"},{"vulnerability":"VCID-eaue-8qs5-5qct"},{"vulnerability":"VCID-f5de-n6k9-tqaz"},{"vulnerability":"VCID-m552-seqr-eqak"},{"vulnerability":"VCID-t3p7-1a7s-jkf6"},{"vulnerability":"VCID-t4ef-ythe-jfa9"},{"vulnerability":"VCID-vdq8-ksuf-u7hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:conan/libde265@1.0.10"},{"url":"http://public2.vulnerablecode.io/api/packages/1058159?format=json","purl":"pkg:deb/debian/libde265@0.9-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14db-749q-3qga"},{"vulnerability":"VCID-1crc-jgdq-f3dg"},{"vulnerability":"VCID-1qcy-k1bb-w3e3"},{"vulnerability":"VCID-23u3-c8kn-ffee"},{"vulnerability":"VCID-5srn-2sfd-5be1"},{"vulnerability":"VCID-61un-k2qx-vugt"},{"vulnerability":"VCID-795w-1huc-ybht"},{"vulnerability":"VCID-7nst-d47y-skbm"},{"vulnerability":"VCID-8ep6-cs6a-fua1"},{"vulnerability":"VCID-9k3k-7e5p-e3b4"},{"vulnerability":"VCID-bn6d-taem-gfeg"},{"vulnerability":"VCID-dj35-f5dk-zyc9"},{"vulnerability":"VCID-f5de-n6k9-tqaz"},{"vulnerability":"VCID-fnnc-axrn-8khe"},{"vulnerability":"VCID-h1dr-3yj4-efgq"},{"vulnerability":"VCID-mavj-1s6k-fbfx"},{"vulnerability":"VCID-mrq7-mtce-2qe9"},{"vulnerability":"VCID-n4sh-88ef-2bgh"},{"vulnerability":"VCID-pave-cya5-zbf5"},{"vulnerability":"VCID-s3dz-e3c2-uqad"},{"vulnerability":"VCID-t4ef-ythe-jfa9"},{"vulnerability":"VCID-u92t-emk9-2ud5"},{"vulnerability":"VCID-vptc-wjht-m7an"},{"vulnerability":"VCID-xtqm-64zj-cfht"},{"vulnerability":"VCID-xx18-u8wg-xub9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libde265@0.9-1"},{"url":"http://public2.vulnerablecode.io/api/packages/1058160?format=json","purl":"pkg:deb/debian/libde265@1.0.2-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14db-749q-3qga"},{"vulnerability":"VCID-1crc-jgdq-f3dg"},{"vulnerability":"VCID-1qcy-k1bb-w3e3"},{"vulnerability":"VCID-23u3-c8kn-ffee"},{"vulnerability":"VCID-5srn-2sfd-5be1"},{"vulnerability":"VCID-61un-k2qx-vugt"},{"vulnerability":"VCID-795w-1huc-ybht"},{"vulnerability":"VCID-7nst-d47y-skbm"},{"vulnerability":"VCID-8ep6-cs6a-fua1"},{"vulnerability":"VCID-9k3k-7e5p-e3b4"},{"vulnerability":"VCID-bn6d-taem-gfeg"},{"vulnerability":"VCID-dj35-f5dk-zyc9"},{"vulnerability":"VCID-f5de-n6k9-tqaz"},{"vulnerability":"VCID-fnnc-axrn-8khe"},{"vulnerability":"VCID-h1dr-3yj4-efgq"},{"vulnerability":"VCID-mavj-1s6k-fbfx"},{"vulnerability":"VCID-mrq7-mtce-2qe9"},{"vulnerability":"VCID-n4sh-88ef-2bgh"},{"vulnerability":"VCID-pave-cya5-zbf5"},{"vulnerability":"VCID-s3dz-e3c2-uqad"},{"vulnerability":"VCID-t4ef-ythe-jfa9"},{"vulnerability":"VCID-u92t-emk9-2ud5"},{"vulnerability":"VCID-vptc-wjht-m7an"},{"vulnerability":"VCID-xtqm-64zj-cfht"},{"vulnerability":"VCID-xx18-u8wg-xub9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libde265@1.0.2-2"},{"url":"http://public2.vulnerablecode.io/api/packages/1058161?format=json","purl":"pkg:deb/debian/libde265@1.0.3-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14db-749q-3qga"},{"vulnerability":"VCID-1crc-jgdq-f3dg"},{"vulnerability":"VCID-1qcy-k1bb-w3e3"},{"vulnerability":"VCID-23u3-c8kn-ffee"},{"vulnerability":"VCID-5srn-2sfd-5be1"},{"vulnerability":"VCID-61un-k2qx-vugt"},{"vulnerability":"VCID-795w-1huc-ybht"},{"vulnerability":"VCID-7nst-d47y-skbm"},{"vulnerability":"VCID-8ep6-cs6a-fua1"},{"vulnerability":"VCID-9k3k-7e5p-e3b4"},{"vulnerability":"VCID-bn6d-taem-gfeg"},{"vulnerability":"VCID-dj35-f5dk-zyc9"},{"vulnerability":"VCID-f5de-n6k9-tqaz"},{"vulnerability":"VCID-fnnc-axrn-8khe"},{"vulnerability":"VCID-h1dr-3yj4-efgq"},{"vulnerability":"VCID-mavj-1s6k-fbfx"},{"vulnerability":"VCID-mrq7-mtce-2qe9"},{"vulnerability":"VCID-n4sh-88ef-2bgh"},{"vulnerability":"VCID-pave-cya5-zbf5"},{"vulnerability":"VCID-s3dz-e3c2-uqad"},{"vulnerability":"VCID-t4ef-ythe-jfa9"},{"vulnerability":"VCID-u92t-emk9-2ud5"},{"vulnerability":"VCID-vptc-wjht-m7an"},{"vulnerability":"VCID-xtqm-64zj-cfht"},{"vulnerability":"VCID-xx18-u8wg-xub9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libde265@1.0.3-1"}],"references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-24758","reference_id":"","reference_type":"","scores":[{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.10289","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-24758"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24758","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24758"},{"reference_url":"https://github.com/strukturag/libde265/issues/383","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-07T20:34:24Z/"}],"url":"https://github.com/strukturag/libde265/issues/383"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/03/msg00004.html","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-07T20:34:24Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/03/msg00004.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-24758","reference_id":"CVE-2023-24758","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-24758"},{"reference_url":"https://security.gentoo.org/glsa/202408-20","reference_id":"GLSA-202408-20","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202408-20"},{"reference_url":"https://usn.ubuntu.com/6659-1/","reference_id":"USN-6659-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6659-1/"}],"weaknesses":[{"cwe_id":1035,"name":"OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017."},{"cwe_id":476,"name":"NULL Pointer Dereference","description":"A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit."},{"cwe_id":937,"name":"OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013."}],"exploits":[],"severity_range_score":"5.5 - 5.5","exploitability":"0.5","weighted_severity":"5.0","risk_score":2.5,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8ep6-cs6a-fua1"}