A vulnerability was found in strukturag Libde265 1.0.14. It has been rated as critical. Affected by this issue is the function
derive_combined_bipredictive_merging_candidates
of the file motion.cc. The manipulation leads to heap-based buffer overflow.
This vulnerability is handled as CVE-2023-49467. The attack can only be done within the local network. There is no exploit available.