Published: 21/04/2021 Updated: 27/05/2023

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8

VMScore: 605

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

An issue exists in GPAC version 0.8.0 and 1.0.1. There is a use-after-free in the function gf_isom_box_del() in isomedia/box_funcs.c.

Vulnerable Product	Search on Vulmon	Subscribe to Product
gpac gpac 0.8.0
gpac gpac 1.0.1

Debian Bug report logs - #994746 ccextractor embeds unpatched and vulnerable source code from gpac Package: ccextractor; Maintainer for ccextractor is Freexian Packaging Team <team+freexian@trackerdebianorg>; Source for ccextractor is src:ccextractor (PTS, buildd, popcon) Reported by: Neil Williams <codehelp@debianorg& ...

Debian Bug report logs - #987374 gpac: CVE-2020-23928 CVE-2020-23930 CVE-2020-23931 CVE-2020-23932 CVE-2020-35979 CVE-2020-35980 CVE-2020-35981 CVE-2020-35982 Package: src:gpac; Maintainer for src:gpac is Debian Multimedia Maintainers <debian-multimedia@listsdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianor ...

Multiple issues were found in GPAC multimedia framework, which could result in denial of service or potentially the execution of arbitrary code For the stable distribution (bullseye), these problems have been fixed in version 101+dfsg1-4+deb11u2 We recommend that you upgrade your gpac packages For the detailed security status of gpac please re ...

An issue was discovered in GPAC version 080 and 101 There is a use-after-free in the function gf_isom_box_del() in isomedia/box_funcsc ...

CWE-416 https://github.com/gpac/gpac/issues/1661 https://github.com/gpac/gpac/commit/5aba27604d957e960d8069d85ccaf868f8a7b07a https://www.debian.org/security/2023/dsa-5411 https://nvd.nist.gov https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=994746 https://www.debian.org/security/2023/dsa-5411

CVE-2020-35980

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect