Aggregates CVE and security vulnerability intelligence across all libass_project-related products, including CVSS, EPSS, and publication dates.
Historical issues mainly involve buffer overflows, memory corruption and related security problems, affecting production workloads and software deployment scenarios.

| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2020-36430 | libass 0.15.x before 0.15.1 has a heap-based buffer overflow in decode_chars (called from decode_font and process_text) because the wrong integer data type is used for subtraction. | [email protected] | 7.8 | 1.07% | 2021-07-20 | 2026-06-17 |
| CVE-2020-24994 | Stack overflow in the parse_tag function in libass/ass_parse.c in libass before 0.15.0 allows remote attackers to cause a denial of service or remote code execution via a crafted file. | [email protected] | 8.8 | 2.63% | 2021-03-23 | 2026-06-17 |
| CVE-2020-26682 | In libass 0.14.0, the `ass_outline_construct`'s call to `outline_stroke` causes a signed integer overflow. | [email protected] | 8.8 | 1.79% | 2020-10-16 | 2026-06-17 |
| CVE-2016-7972 | The check_allocations function in libass/ass_shaper.c in libass before 0.13.4 allows remote attackers to cause a denial of service (memory allocation failure) via unspecified vectors. | [email protected] | 7.5 | 5.23% | 2017-03-03 | 2026-06-17 |
| CVE-2016-7970 | Buffer overflow in the calc_coeff function in libass/ass_blur.c in libass before 0.13.4 allows remote attackers to cause a denial of service via unspecified vectors. | [email protected] | 7.5 | 4.75% | 2017-03-03 | 2026-06-17 |
| CVE-2016-7969 | The wrap_lines_smart function in ass_render.c in libass before 0.13.4 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors, related to "0/3 line wrapping equalization." | [email protected] | 7.5 | 4.23% | 2017-03-03 | 2026-06-17 |