The binary MP4Box in Gpac 1.0.1 has a double-free bug in the av1dmx_finalize function in reframe_av1.c, which allows malicious users to cause a denial of service.
Multiple issues were found in GPAC multimedia framework, which could result
in denial of service or potentially the execution of arbitrary code
For the stable distribution (bullseye), these problems have been fixed in
version 101+dfsg1-4+deb11u2
We recommend that you upgrade your gpac packages
For the detailed security status of gpac please re ...