libde265 v1.0.4 contains a heap buffer overflow fault in the _mm_loadl_epi64 function, which can be exploited via a crafted a file.
Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-21604
Reference (s):
- https://github.com/strukturag/libde265/issues/231