CVE-2021-45291

Опубликовано: 21 дек. 2021

Источник: nvd

CVSS3: 5.5

CVSS2: 4.3

EPSS Низкий

Описание

The gf_dump_setup function in GPAC 1.0.1 allows malicoius users to cause a denial of service (Invalid memory address dereference) via a crafted file in the MP4Box command.

Ссылки

https://github.com/gpac/gpac/issues/1955
Exploit
Issue Tracking
Third Party Advisory
https://www.debian.org/security/2023/dsa-5411
https://github.com/gpac/gpac/issues/1955
Exploit
Issue Tracking
Third Party Advisory
https://www.debian.org/security/2023/dsa-5411

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:gpac:gpac:1.0.1:*:*:*:*:*:*:*

EPSS

Процентиль: 28%

0.00099

Низкий

5.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-416

Связанные уязвимости

CVE-2021-45291

CVSS3: 5.5

ubuntu

около 4 лет назад

The gf_dump_setup function in GPAC 1.0.1 allows malicoius users to cause a denial of service (Invalid memory address dereference) via a crafted file in the MP4Box command.

CVE-2021-45291

CVSS3: 5.5

debian

около 4 лет назад

The gf_dump_setup function in GPAC 1.0.1 allows malicoius users to cau ...

GHSA-pvf9-7xmx-jpfw

CVSS3: 5.5

github

около 4 лет назад

The gf_dump_setup function in GPAC 1.0.1 allows malicoius users to cause a denial of service (Invalid memory address dereference) via a crafted file in the MP4Box command.

EPSS

Процентиль: 28%

0.00099

Низкий

5.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-416