CVE-2022-36191
First published: Wed Aug 17 2022(Updated: )
A heap-buffer-overflow had occurred in function gf_isom_dovi_config_get of isomedia/avc_ext.c:2490, as demonstrated by MP4Box. This vulnerability was fixed in commit fef6242.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| debian/gpac | <=0.5.2-426-gc5ad4e4+dfsg5-5 | 1.0.1+dfsg1-4+deb11u3 2.2.1+dfsg1-3 |
| GPAC GPAC | <2.2.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID?
The vulnerability ID is CVE-2022-36191.
Where did the heap-buffer-overflow occur?
The heap-buffer-overflow occurred in function gf_isom_dovi_config_get of isomedia/avc_ext.c:2490.
What software is affected by the vulnerability?
The gpac package in Debian is affected by the vulnerability.
How was the vulnerability fixed?
The vulnerability was fixed in commit fef6242.
What is the severity of CVE-2022-36191?
The severity of CVE-2022-36191 is not mentioned in the provided information.
- collector/security-tracker-debian
- collector/nvd-index
- agent/author
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/remedy
- agent/type
- agent/event
- agent/severity
- agent/weakness
- agent/references
- agent/description
- agent/tags
- collector/mitre-cve
- source/MITRE
- package-manager/debian
- vendor/gpac
- canonical/gpac gpac