CVE-2019-20632
on github
Published
Severity
CVSS v3:
5.5 MEDIUM
CVSS v2:
4.3 MEDIUM
Description
An issue was discovered in libgpac.a in GPAC before 0.8.0, as demonstrated by MP4Box. It contains an invalid pointer dereference in gf_odf_delete_descriptor in odf/desc_private.c that can cause a denial of service via a crafted MP4 file.
References
Configurations
CPE23 | Version Start | Version End | Exact Version |
---|---|---|---|
cpe:2.3:a:gpac:gpac:*:*:*:*:*:*:*:* | n/a | 0.8.0 | * |