Lucene search
Veracode Vulnerability DatabaseVERACODE:43183HistorySep 07, 2023 - 10:50 a.m.
Use After Free
2023-09-0710:50:58
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
10
libgpac.so
use after free
vulnerability
mp4_mux_configure_pid
memory location validation
src/filters/mux_isom.c
tracks array
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
0.0004 Low
EPSS
Percentile
12.7%
libgpac.so is vulnerable for Use After Free. The vulnerability is due to a lack of memory location validation in ctx->ref_tkw within the ctx->tracks array in the mp4_mux_configure_pid function of src/filters/mux_isom.c.
| CPE | Name | Operator | Version |
|---|---|---|---|
| libgpac.so | eq | 10.1.0 | |
| libgpac.so | eq | 10.1.0 |
Related
ubuntucve
ubuntucve
CVE-2023-4755
2023-09-04 00:00:00
huntr
huntr
heap-use-after-free in mp4_mux_process_fragmented filters/mux_isom.c:6634
2023-09-01 03:07:56
debiancve
debiancve
CVE-2023-4755
2023-09-04 14:15:08
cve
cve
CVE-2023-4755
2023-09-04 14:15:08
prion
prion
Design/Logic Flaw
2023-09-04 14:15:00
cvelist
cvelist
CVE-2023-4755 Use After Free in gpac/gpac
2023-09-04 13:46:46
nvd
nvd
CVE-2023-4755
2023-09-04 14:15:08
osv
osv
CVE-2023-4755
2023-09-04 14:15:08
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
0.0004 Low
EPSS
Percentile
12.7%
Related for VERACODE:43183