Lucene search

RedosROS-20221118-02

HistoryNov 18, 2022 - 12:00 a.m.

ROS-20221118-02

2022-11-1800:00:00

redos.red-soft.ru

mpeg-4

gpac

svg_parse_preserveaspectratio

memory leak

vulnerability

remote

exploitation

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

0.002 Low

EPSS

Percentile

61.3%

JSON

A vulnerability in the MPEG-4 GPAC system standard implementation is related to the svg_parse_preserveaspectratio
in the scenegraph/svg_attributes.c file of the SVG Parser component. Exploitation of the vulnerability could allow an attacker acting remotely to cause a memory leak.
an attacker acting remotely to cause a memory leak

OSVersionArchitecturePackageVersionFilename
redos7.3x86_64gpac<= 0.7.1-2UNKNOWN

OS	Version	Architecture	Package	Version	Filename
redos	7.3	x86_64	gpac	<= 0.7.1-2	UNKNOWN

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

0.002 Low

EPSS

Percentile

61.3%

JSON

Related for ROS-20221118-02