CVE-2020-23931

Опубликовано: 21 апр. 2021

Источник: nvd

CVSS3: 7.1

CVSS2: 5.8

EPSS Низкий

Описание

An issue was discovered in gpac before 1.0.1. The abst_box_read function in box_code_adobe.c has a heap-based buffer over-read.

Ссылки

https://cwe.mitre.org/data/definitions/126.html
Technical Description
Third Party Advisory
https://github.com/gpac/gpac/commit/093283e727f396130651280609e687cd4778e0d1
Patch
Third Party Advisory
https://github.com/gpac/gpac/issues/1564
Third Party Advisory
https://github.com/gpac/gpac/issues/1567
Third Party Advisory
https://cwe.mitre.org/data/definitions/126.html
Technical Description
Third Party Advisory
https://github.com/gpac/gpac/commit/093283e727f396130651280609e687cd4778e0d1
Patch
Third Party Advisory
https://github.com/gpac/gpac/issues/1564
Third Party Advisory
https://github.com/gpac/gpac/issues/1567
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:gpac:gpac:*:*:*:*:*:*:*:*

Версия до 1.0.1 (исключая)

EPSS

Процентиль: 52%

0.00293

Низкий

7.1 High

CVSS3

5.8 Medium

CVSS2

Дефекты

CWE-125

Связанные уязвимости

CVE-2020-23931

CVSS3: 7.1

ubuntu

почти 5 лет назад

An issue was discovered in gpac before 1.0.1. The abst_box_read function in box_code_adobe.c has a heap-based buffer over-read.

CVE-2020-23931

CVSS3: 7.1

debian

почти 5 лет назад

An issue was discovered in gpac before 1.0.1. The abst_box_read functi ...

GHSA-7x5x-56r3-w8xg

CVSS3: 7.1

github

больше 3 лет назад

An issue was discovered in gpac before 1.0.1. The abst_box_read function in box_code_adobe.c has a heap-based buffer over-read.

EPSS

Процентиль: 52%

0.00293

Низкий

7.1 High

CVSS3

5.8 Medium

CVSS2

Дефекты

CWE-125