First published: Thu Jan 13 2022(Updated: )
The binary MP4Box in Gpac 1.0.1 has a double-free vulnerability in the gf_text_get_utf8_line function in load_text.c, which allows attackers to cause a denial of service, even code execution and escalation of privileges.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
GPAC GPAC | =1.0.1 | |
debian/gpac | <=0.5.2-426-gc5ad4e4+dfsg5-5 | 1.0.1+dfsg1-4+deb11u3 2.2.1+dfsg1-3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.