CVE-2019-20630
on github
Published
Severity
CVSS v3:
5.5 MEDIUM
CVSS v2:
4.3 MEDIUM
Description
An issue was discovered in libgpac.a in GPAC before 0.8.0, as demonstrated by MP4Box. It contains a heap-based buffer over-read in BS_ReadByte (called from gf_bs_read_bit) in utils/bitstream.c that can cause a denial of service via a crafted MP4 file.
References
Configurations
CPE23 | Version Start | Version End | Exact Version |
---|---|---|---|
cpe:2.3:a:gpac:gpac:*:*:*:*:*:*:*:* | n/a | 0.8.0 | * |