5.5

CVE-2021-45288

Exploit
A Double Free vulnerability exists in filedump.c in GPAC 1.0.1, which could cause a Denail of Service via a crafted file in the MP4Box command.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
GpacGpac Version1.0.1
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.61% 0.446
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
nvd@nist.gov 4.3 8.6 2.9
AV:N/AC:M/Au:N/C:N/I:N/A:P
CWE-415 Double Free

The product calls free() twice on the same memory address.

https://github.com/gpac/gpac/issues/1956
Patch
Third Party Advisory
Exploit
Issue Tracking