CVE-2021-31258

Опубликовано: 19 апр. 2021

Источник: debian

EPSS Низкий

Описание

The gf_isom_set_extraction_slc function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
gpac	fixed	1.0.1+dfsg1-4		package
gpac	no-dsa		buster	package
gpac	no-dsa		stretch	package
ccextractor	fixed	0.93+ds2-1		package
ccextractor	no-dsa		bullseye	package
ccextractor	no-dsa		buster	package

Примечания

https://github.com/gpac/gpac/commit/ebfa346eff05049718f7b80041093b4c5581c24e
https://github.com/gpac/gpac/issues/1706

EPSS

Процентиль: 25%

0.00086

Низкий

Связанные уязвимости

CVE-2021-31258

CVSS3: 5.5

ubuntu

почти 5 лет назад

The gf_isom_set_extraction_slc function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command.

CVE-2021-31258

CVSS3: 5.5

nvd

почти 5 лет назад

The gf_isom_set_extraction_slc function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command.

GHSA-5wvv-jg2m-5j9p

github

больше 3 лет назад

The gf_isom_set_extraction_slc function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command.

EPSS

Процентиль: 25%

0.00086

Низкий