CVE-2023-47471: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

November 16, 2023 (updated November 30, 2023)

Buffer Overflow vulnerability in strukturag libde265 v1.10.12 allows a local attacker to cause a denial of service via the slice_segment_header function in the slice.cc component.

References

github.com/strukturag/libde265/commit/e36b4a1b0bafa53df47514c419d5be3e8916ebc7
github.com/strukturag/libde265/issues/426
nvd.nist.gov/vuln/detail/CVE-2023-47471

Detect and mitigate CVE-2023-47471 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →