Lucene search

Veracode Vulnerability DatabaseVERACODE:44610

HistoryDec 08, 2023 - 9:42 a.m.

Denial Of Service (DoS)

2023-12-0809:42:04

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

libgpac software vulnerability

denial of service

remote attackers

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

6.8 Medium

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

17.0%

JSON

libgpac.so is vulnerable to Denial of Service (DoS). The vulnerability occurs due to a memory leak in the gf_sg_vrml_field_pointer_del function of scenegraph/vrml_tools.c, allowing remote attackers to cause denial of service conditions.

CPENameOperatorVersion
libgpac.soeq10.1.0
libgpac.soeq10.1.0

CPE	Name	Operator	Version
	libgpac.so	eq	10.1.0
	libgpac.so	eq	10.1.0

References

gist.github.com/ReturnHere/d0899bb03b8f5e8fae118f2b76888486

github.com/gpac/gpac/commit/03760e34d32e502a0078b20d15ea83ecaf453a5c

github.com/gpac/gpac/issues/2658

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

6.8 Medium

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

17.0%

JSON

Related for VERACODE:44610