Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2024-6062

Опубликовано: 17 июн. 2024
Источник: nvd
CVSS3: 3.3
CVSS3: 5.5
CVSS2: 1.7
EPSS Низкий

Описание

A vulnerability was found in GPAC 2.5-DEV-rev228-g11067ea92-master and classified as problematic. Affected by this issue is the function swf_svg_add_iso_sample of the file src/filters/load_text.c of the component MP4Box. The manipulation leads to null pointer dereference. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The patch is identified as 31e499d310a48bd17c8b055a0bfe0fe35887a7cd. It is recommended to apply a patch to fix this issue. VDB-268790 is the identifier assigned to this vulnerability.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:gpac:gpac:2.5-dev-rev288-g11067ea92-master:*:*:*:*:*:*:*

EPSS

Процентиль: 22%
0.0007
Низкий

3.3 Low

CVSS3

5.5 Medium

CVSS3

1.7 Low

CVSS2

Дефекты

CWE-476

Связанные уязвимости

ubuntu логотип

CVE-2024-6062

CVSS3: 3.3
ubuntu
около 1 года назад

A vulnerability was found in GPAC 2.5-DEV-rev228-g11067ea92-master and classified as problematic. Affected by this issue is the function swf_svg_add_iso_sample of the file src/filters/load_text.c of the component MP4Box. The manipulation leads to null pointer dereference. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The patch is identified as 31e499d310a48bd17c8b055a0bfe0fe35887a7cd. It is recommended to apply a patch to fix this issue. VDB-268790 is the identifier assigned to this vulnerability.

debian логотип

CVE-2024-6062

CVSS3: 3.3
debian
около 1 года назад

A vulnerability was found in GPAC 2.5-DEV-rev228-g11067ea92-master and ...

github логотип

GHSA-qw32-4rhp-3985

CVSS3: 3.3
github
около 1 года назад

A vulnerability was found in GPAC 2.5-DEV-rev228-g11067ea92-master and classified as problematic. Affected by this issue is the function swf_svg_add_iso_sample of the file src/filters/load_text.c of the component MP4Box. The manipulation leads to null pointer dereference. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The patch is identified as 31e499d310a48bd17c8b055a0bfe0fe35887a7cd. It is recommended to apply a patch to fix this issue. VDB-268790 is the identifier assigned to this vulnerability.

redos логотип

ROS-20250430-03

CVSS3: 7.8
redos
около 2 месяцев назад

Множественные уязвимости gpac

EPSS

Процентиль: 22%
0.0007
Низкий

3.3 Low

CVSS3

5.5 Medium

CVSS3

1.7 Low

CVSS2

Дефекты

CWE-476