CVE-2020-16158

Published October 19th, 2020

View on NVD ↗

CVSS v3

8.8

HIGH

CVSS v2

6.8

MEDIUM

Affected

PROJECT

Description

GoPro gpmf-parser through 1.5 has a stack out-of-bounds write vulnerability in GPMF_ExpandComplexTYPE(). Parsing malicious input can result in a crash or potentially arbitrary code execution.

gopro/gpmf-parser

Parser for GPMF™ formatted telemetry data used within GoPro® cameras.

GitHub

646