CVE-2024-0322

Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3-DEV.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.1 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
@huntr_aiCNA
4.4 MEDIUM
LOCAL
LOW
NONE
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L
CVEADP
---
---
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 29%
VendorProductVersion
gpacgpac
𝑥
< 2.3.0
gpacgpac
2.3.0:dev
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
gpac
bullseye (security)
vulnerable
bullseye
vulnerable
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
gpac
questing
dne
oracular
dne
noble
Fixed 2.2.1+dfsg1-3.1ubuntu0.1~esm2
released
mantic
dne
lunar
ignored
jammy
Fixed 2.0.0+dfsg1-2ubuntu0.1~esm2
released
focal
not-affected
bionic
not-affected
xenial
not-affected
trusty
not-affected
Common Weakness Enumeration
References
https://github.com/gpac/gpac/commit/092904b80edbc4dce315684a59cc3184c45c1b70
https://huntr.com/bounties/87611fc9-ed7c-43e9-8e52-d83cd270bbec
https://github.com/gpac/gpac/commit/092904b80edbc4dce315684a59cc3184c45c1b70
https://huntr.com/bounties/87611fc9-ed7c-43e9-8e52-d83cd270bbec