CVE-2022-43040

GPAC 2.1-DEV-rev368-gfd054169b-master was discovered to contain a heap buffer overflow via the function gf_isom_box_dump_start_ex at /isomedia/box_funcs.c.

CVSS v3.0 7.8 HIGH

7.8^/10

CVSS v3.0 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://github.com/gpac/gpac/issues/2280	Exploit Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:gpac:gpac:2.1-dev-rev368-gfd054169b-master:*:*:*:*:*:*:*

Information

Published : 2022-10-19 07:15

Updated : 2022-10-20 13:45

NVD link : CVE-2022-43040

Mitre link : CVE-2022-43040

JSON object : View

CWE

CWE-787

Out-of-bounds Write

Products Affected

gpac

gpac

7.8 /10