{"id":"CVE-2023-43887","details":"Libde265 v1.0.12 was discovered to contain multiple buffer overflows via the num_tile_columns and num_tile_row parameters in the function pic_parameter_set::dump.","modified":"2026-04-12T02:37:10.438013Z","published":"2023-11-22T18:15:08.747Z","references":[{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2023/11/msg00032.html"},{"type":"FIX","url":"https://github.com/strukturag/libde265/commit/63b596c915977f038eafd7647d1db25488a8c133"},{"type":"FIX","url":"https://github.com/strukturag/libde265/issues/418"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/strukturag/libde265","events":[{"introduced":"0"},{"last_affected":"a267c84707ab264928fa9b86de2ee749c48c318c"},{"fixed":"63b596c915977f038eafd7647d1db25488a8c133"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"1.0.12"}]}}],"versions":["v0.1","v0.2","v0.3","v0.4","v0.5","v1.0.0","v1.0.10","v1.0.11","v1.0.12","v1.0.3","v1.0.4","v1.0.5","v1.0.6","v1.0.7","v1.0.8","v1.0.9"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-43887.json","vanir_signatures":[{"deprecated":false,"signature_type":"Function","digest":{"length":468,"function_hash":"115318745234840897845172318388566652946"},"target":{"file":"libde265/decctx.cc","function":"decoder_context::read_pps_NAL"},"signature_version":"v1","id":"CVE-2023-43887-33eaefc0","source":"https://github.com/strukturag/libde265/commit/63b596c915977f038eafd7647d1db25488a8c133"},{"deprecated":false,"signature_type":"Line","digest":{"line_hashes":["145631099459763226381212929949972107850","329025106158059296245517650606473879127","224877373758412648504169160339250263469","33325110550459107806935975561007447492","67677560191946787987919874293443464310","150421879833117031061740108422218256599","313785268145090874383446176971876695378","53004177848232812490147634192017942808","240418118779755308749764802555398091281","194908936974693031164250873985602853148","122689502183537620170736254362945799620"],"threshold":0.9},"target":{"file":"libde265/decctx.cc"},"signature_version":"v1","id":"CVE-2023-43887-af066c82","source":"https://github.com/strukturag/libde265/commit/63b596c915977f038eafd7647d1db25488a8c133"}],"vanir_signatures_modified":"2026-04-12T02:37:10Z"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"}]}