Vulnerabilities > Libass Project > Libass > 0.13.3

DATE CVE VULNERABILITY TITLE RISK
2021-03-23 CVE-2020-24994 Allocation of Resources Without Limits or Throttling vulnerability in Libass Project Libass 0.13.3/0.14.0
Stack overflow in the parse_tag function in libass/ass_parse.c in libass before 0.15.0 allows remote attackers to cause a denial of service or remote code execution via a crafted file.
network
low complexity
libass-project CWE-770
8.8
8.8
2017-03-03 CVE-2016-7972 Resource Management Errors vulnerability in multiple products
The check_allocations function in libass/ass_shaper.c in libass before 0.13.4 allows remote attackers to cause a denial of service (memory allocation failure) via unspecified vectors.
network
low complexity
opensuse fedoraproject libass-project CWE-399
7.5
7.5
2017-03-03 CVE-2016-7970 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Buffer overflow in the calc_coeff function in libass/ass_blur.c in libass before 0.13.4 allows remote attackers to cause a denial of service via unspecified vectors.
network
low complexity
fedoraproject libass-project CWE-119
7.5
7.5
2017-03-03 CVE-2016-7969 Out-of-bounds Read vulnerability in multiple products
The wrap_lines_smart function in ass_render.c in libass before 0.13.4 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors, related to "0/3 line wrapping equalization."
network
low complexity
opensuse fedoraproject libass-project CWE-125
7.5
7.5