4.3
CVSSv2

CVE-2021-40592

Published: 08/06/2022 Updated: 27/05/2023
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

Vulnerability Summary

GPAC version before commit 71460d72ec07df766dab0a4d52687529f3efcf0a (version v1.0.1 onwards) contains loop with unreachable exit condition ('infinite loop') vulnerability in ISOBMFF reader filter, isoffin_read.c. Function isoffin_process() can result in DoS by infinite loop. To exploit, the victim must open a specially crafted mp4 file.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

gpac gpac

Vendor Advisories

Multiple issues were found in GPAC multimedia framework, which could result in denial of service or potentially the execution of arbitrary code For the stable distribution (bullseye), these problems have been fixed in version 101+dfsg1-4+deb11u2 We recommend that you upgrade your gpac packages For the detailed security status of gpac please re ...