CVE-2021-30014

Опубликовано: 19 апр. 2021

Источник: debian

EPSS Низкий

Описание

There is a integer overflow in media_tools/av_parsers.c in the hevc_parse_slice_segment function in GPAC from v0.9.0-preview to 1.0.1 which results in a crash.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
gpac	fixed	1.0.1+dfsg1-4		package
gpac	no-dsa		buster	package
gpac	no-dsa		stretch	package
ccextractor	fixed	0.93+ds2-1		package
ccextractor	no-dsa		bullseye	package
ccextractor	no-dsa		buster	package

Примечания

https://github.com/gpac/gpac/commit/51cdb67ff7c5f1242ac58c5aa603ceaf1793b788
https://github.com/gpac/gpac/issues/1721

EPSS

Процентиль: 27%

0.00097

Низкий

Связанные уязвимости

CVE-2021-30014

CVSS3: 5.5

ubuntu

почти 5 лет назад

There is a integer overflow in media_tools/av_parsers.c in the hevc_parse_slice_segment function in GPAC from v0.9.0-preview to 1.0.1 which results in a crash.

CVE-2021-30014

CVSS3: 5.5

nvd

почти 5 лет назад

There is a integer overflow in media_tools/av_parsers.c in the hevc_parse_slice_segment function in GPAC from v0.9.0-preview to 1.0.1 which results in a crash.

GHSA-3vxf-wg7j-jj54

github

больше 3 лет назад

There is a integer overflow in media_tools/av_parsers.c in the hevc_parse_slice_segment function in GPAC 1.0.1 which results in a crash.

EPSS

Процентиль: 27%

0.00097

Низкий