Lucene search
Veracode Vulnerability DatabaseVERACODE:36192HistoryJun 29, 2022 - 2:14 a.m.
Denial Of Service (DoS)
2022-06-2902:14:26
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
11
0.001 Low
EPSS
Percentile
19.9%
libgpac.so is vulnerable to denial of service. The vulnerability exists through the heap-buffer-overflow in the schm_box_read function of box_code_drm.c because the function does not properly check the length of URI, allowing an attacker to crash the application by providing a maliciously crafted file to the MP4Box command.
| CPE | Name | Operator | Version |
|---|---|---|---|
| libgpac.so | le | 10.1.0 | |
| gpac:sid | eq | 1.0.1+dfsg1-3 | |
| gpac:bookworm | eq | 1.0.1+dfsg1-5 | |
| libgpac.so | le | 10.1.0 | |
| gpac:sid | eq | 1.0.1+dfsg1-3 | |
| gpac:bookworm | eq | 1.0.1+dfsg1-5 |
Related
cve
cve
CVE-2021-40607
2022-06-28 13:15:09
ubuntucve
ubuntucve
CVE-2021-40607
2022-06-28 00:00:00
prion
prion
Command injection
2022-06-28 13:15:00
cvelist
cvelist
CVE-2021-40607
2022-06-28 11:04:06
nvd
nvd
CVE-2021-40607
2022-06-28 13:15:09
osv
osv
CVE-2021-40607
2022-06-28 13:15:09
debiancve
debiancve
CVE-2021-40607
2022-06-28 13:15:09