CVE-2021-30014

Опубликовано: 19 апр. 2021

Источник: nvd

CVSS3: 5.5

CVSS2: 4.3

EPSS Низкий

Описание

There is a integer overflow in media_tools/av_parsers.c in the hevc_parse_slice_segment function in GPAC from v0.9.0-preview to 1.0.1 which results in a crash.

Ссылки

https://github.com/gpac/gpac/blob/v0.9.0-preview/src/media_tools/av_parsers.c#L6731
Product
https://github.com/gpac/gpac/commit/51cdb67ff7c5f1242ac58c5aa603ceaf1793b788
Patch
Third Party Advisory
https://github.com/gpac/gpac/issues/1721
Exploit
Third Party Advisory
https://github.com/gpac/gpac/commit/51cdb67ff7c5f1242ac58c5aa603ceaf1793b788
Patch
Third Party Advisory
https://github.com/gpac/gpac/issues/1721
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:gpac:gpac:*:*:*:*:*:*:*:*

Версия от 0.9.0 (включая) до 1.0.1 (включая)

EPSS

Процентиль: 27%

0.00097

Низкий

5.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-190

Связанные уязвимости

CVE-2021-30014

CVSS3: 5.5

ubuntu

почти 5 лет назад

There is a integer overflow in media_tools/av_parsers.c in the hevc_parse_slice_segment function in GPAC from v0.9.0-preview to 1.0.1 which results in a crash.

CVE-2021-30014

CVSS3: 5.5

debian

почти 5 лет назад

There is a integer overflow in media_tools/av_parsers.c in the hevc_pa ...

GHSA-3vxf-wg7j-jj54

github

больше 3 лет назад

There is a integer overflow in media_tools/av_parsers.c in the hevc_parse_slice_segment function in GPAC 1.0.1 which results in a crash.

EPSS

Процентиль: 27%

0.00097

Низкий

5.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-190