CVE-2026-33165 | strukturag libde265 up to 1.0.16 Image Parser ctb_info.log2unitSize PicWidthInCtbsY/PicHeightInCtbsY out-of-bounds write (GHSA-653q-9f73-8hvg)

Inserito da Angelo Barbosa | Mar 20, 2026 | CVE

A vulnerability labeled as critical has been found in strukturag libde265 up to 1.0.16. This vulnerability affects the function ctb_info.log2unitSize of the component Image Parser. Such manipulation of the argument PicWidthInCtbsY/PicHeightInCtbsY leads to out-of-bounds write.

This vulnerability is traded as CVE-2026-33165. The attack may be launched remotely. There is no exploit available.

The affected component should be upgraded.

CVE-2026-33165 | strukturag libde265 up to 1.0.16 Image Parser ctb_info.log2unitSize PicWidthInCtbsY/PicHeightInCtbsY out-of-bounds write (GHSA-653q-9f73-8hvg)

Post correlati

CVE-2024-21661 | argocd up to 2.8.12/2.9.8/2.10.3 out-of-bounds write

CVE-2024-38373 | FreeRTOS-Plus-TCP up to 4.1.0 DNS Response Parser length buffer over-read (GHSA-ppcp-rg65-58mv)

CVE-2024-51189 | TRENDnet TEW-651BR/TEW-652BRU /filters.htm macList_Name_1.1.1.0.0 cross site scripting

CVE-2024-27820 | Apple visionOS Web Contents memory corruption