Product:

Libass

(Libass_project)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 6
Date Id Summary Products Score Patch Annotated
2020-10-16 CVE-2020-26682 In libass 0.14.0, the `ass_outline_construct`'s call to `outline_stroke` causes a signed integer overflow. Libass 8.8
2021-03-23 CVE-2020-24994 Stack overflow in the parse_tag function in libass/ass_parse.c in libass before 0.15.0 allows remote attackers to cause a denial of service or remote code execution via a crafted file. Libass 8.8
2021-07-20 CVE-2020-36430 libass 0.15.x before 0.15.1 has a heap-based buffer overflow in decode_chars (called from decode_font and process_text) because the wrong integer data type is used for subtraction. Fedora, Libass 7.8
2017-03-03 CVE-2016-7969 The wrap_lines_smart function in ass_render.c in libass before 0.13.4 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors, related to "0/3 line wrapping equalization." Fedora, Libass, Leap, Opensuse 7.5
2017-03-03 CVE-2016-7970 Buffer overflow in the calc_coeff function in libass/ass_blur.c in libass before 0.13.4 allows remote attackers to cause a denial of service via unspecified vectors. Fedora, Libass 7.5
2017-03-03 CVE-2016-7972 The check_allocations function in libass/ass_shaper.c in libass before 0.13.4 allows remote attackers to cause a denial of service (memory allocation failure) via unspecified vectors. Fedora, Libass, Leap, Opensuse 7.5