6.8 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
23.8%
gp_rtp_builder_do_hevc in ietf/rtp_pck_mpeg4.c in GPAC 2.0.0 has a heap-based buffer over-read, as demonstrated by MP4Box.
github.com/gpac/gpac/issues/2173
www.debian.org/security/2023/dsa-5411