CVE-2020-36430
Published
CVSS v3
7.8
HIGH
CVSS v2
6.8
MEDIUM
Affected
2
PROJECTS
Description
libass 0.15.x before 0.15.1 has a heap-based buffer overflow in decode_chars (called from decode_font and process_text) because the wrong integer data type is used for subtraction.
libass is a portable subtitle renderer for the ASS/SSA (Advanced Substation Alpha/Substation Alpha) subtitle format.
GitHub