CVE-2020-19750

Опубликовано: 07 сент. 2021

Источник: debian

Описание

An issue was discovered in gpac 0.8.0. The strdup function in box_code_base.c has a heap-based buffer over-read.

Пакет	Статус	Версия исправления	Релиз	Тип
gpac	fixed	1.0.1+dfsg1-2		package
gpac	no-dsa		buster	package
gpac	no-dsa		stretch	package

https://github.com/gpac/gpac/issues/1262
https://github.com/gpac/gpac/commit/3fcf66c6031da966cf33ee89bcbefa2f8bec4b02 (v0.9.0-preview~20)

CVE-2020-19750

CVSS3: 7.5

ubuntu

больше 4 лет назад

An issue was discovered in gpac 0.8.0. The strdup function in box_code_base.c has a heap-based buffer over-read.

CVE-2020-19750

CVSS3: 7.5

nvd

больше 4 лет назад

An issue was discovered in gpac 0.8.0. The strdup function in box_code_base.c has a heap-based buffer over-read.

GHSA-j39p-g3jw-98vv

CVSS3: 7.5

github

больше 3 лет назад

An issue was discovered in gpac 0.8.0. The strdup function in box_code_base.c has a heap-based buffer over-read.

BDU:2022-01739

CVSS3: 7.5

fstec

больше 4 лет назад

Уязвимость функции strdup компонента box_code_base.c мультимедийной платформы GPAC, позволяющая нарушителю вызвать отказ в обслуживании