6.6 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
12.4%
libgpac is vulnerable to Denial Of Service. The vulnerability is due to an infinite loop within the av1_uvlc at media_tools/av_parsers.c function which allows an attacker to cause denial of service via a malicious MP4 file.
av1_uvlc at media_tools/av_parsers.c
github.com/gpac/gpac/issues/2698