libde265 v1.0.4 contains a segmentation fault in the apply_sao_internal function, which can be exploited via a crafted a file.
Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-21605
Reference (s):
- https://github.com/strukturag/libde265/issues/234