CVE-2022-2457614.03.2022, 14:15GPAC 1.0.1 is affected by Use After Free through MP4Box.EnginsightProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVectorNISTNIST5.5 MEDIUMLOCALLOWNONECVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HmitreCNA------CVEADP------Base ScoreCVSS 3.xEPSS ScorePercentile: 35%VendorProductVersiongpacgpac1.0.1𝑥= Vulnerable software versionsDebian ReleasesDebian ProductCodenamegpacbullseye (security)vulnerablebullseyevulnerableUbuntu ReleasesUbuntu ProductCodenamegpacnoblenot-affectedmanticdnelunarnot-affectedkineticignoredjammyneeds-triageimpishignoredfocalneeds-triagebionicneeds-triagexenialneeds-triagetrustyneeds-triageKnown Exploits!https://github.com/gpac/gpac/issues/2061https://huntr.dev/bounties/011ac07c-6139-4f43-b745-424143e60ac7/https://github.com/gpac/gpac/issues/2061https://huntr.dev/bounties/011ac07c-6139-4f43-b745-424143e60ac7/Common Weakness EnumerationCWE-416 - Use After FreeReferencing memory after it has been freed can cause a program to crash, use unexpected values, or execute code.Referenceshttps://github.com/gpac/gpac/issues/2061https://huntr.dev/bounties/011ac07c-6139-4f43-b745-424143e60ac7/https://github.com/gpac/gpac/issues/2061https://huntr.dev/bounties/011ac07c-6139-4f43-b745-424143e60ac7/
