CVE-2022-2457614.03.2022, 14:15GPAC 1.0.1 is affected by Use After Free through MP4Box.EnginsightProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVectorNISTPrimary5.5 MEDIUMLOCALLOWNONECVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HBase ScoreCVSS 3.xEPSS ScorePercentile: UnknownAffected Products (NVD)VendorProductVersiongpacgpac1.0.1𝑥= Vulnerable software versionsDebian ReleasesDebian ProductCodenamegpacbullseyevulnerablebullseye (security)vulnerableUbuntu ReleasesUbuntu ProductCodenamegpacbionicneeds-triagefocalneeds-triageimpishignoredjammyneeds-triagekineticignoredlunarnot-affectedmanticdnenoblenot-affectedtrustyneeds-triagexenialneeds-triageKnown Exploits!https://github.com/gpac/gpac/issues/2061https://huntr.dev/bounties/011ac07c-6139-4f43-b745-424143e60ac7/https://github.com/gpac/gpac/issues/2061https://huntr.dev/bounties/011ac07c-6139-4f43-b745-424143e60ac7/Common Weakness EnumerationCWE-416 - Use After FreeReferencing memory after it has been freed can cause a program to crash, use unexpected values, or execute code.Referenceshttps://github.com/gpac/gpac/issues/2061https://huntr.dev/bounties/011ac07c-6139-4f43-b745-424143e60ac7/https://github.com/gpac/gpac/issues/2061https://huntr.dev/bounties/011ac07c-6139-4f43-b745-424143e60ac7/
