CVE-2023-42298: Integer Overflow
First published: Thu Oct 12 2023(Updated: )
An issue in GPAC GPAC v.2.2.1 and before allows a local attacker to cause a denial of service via the Q_DecCoordOnUnitSphere function of file src/bifs/unquantize.c.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| GPAC GPAC | <=2.2.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID of this issue?
The vulnerability ID of this issue is CVE-2023-42298.
What is the severity of CVE-2023-42298?
The severity of CVE-2023-42298 is medium (5.5).
How does this vulnerability allow a denial of service?
This vulnerability allows a local attacker to cause a denial of service by exploiting the Q_DecCoordOnUnitSphere function in the unquantize.c file of GPAC.
Which version of GPAC is affected by CVE-2023-42298?
GPAC v.2.2.1 and earlier versions are affected by CVE-2023-42298.
Is there a fix available for this vulnerability?
A fix for this vulnerability is not specified in the provided information. It is recommended to update to a newer version of GPAC if available, or monitor the GPAC project for future updates and patches.
- agent/author
- agent/description
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/references
- agent/remedy
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/type
- agent/weakness
- collector/nvd-api
- collector/nvd-index
- vendor/gpac
- canonical/gpac gpac
- version/gpac gpac/2.2.1