CVE-2022-29537

on github

Published

April 20, 2022

Severity

CVSS v3:

5.5 MEDIUM

CVSS v2:

4.3 MEDIUM

Description

gp_rtp_builder_do_hevc in ietf/rtp_pck_mpeg4.c in GPAC 2.0.0 has a heap-based buffer over-read, as demonstrated by MP4Box.

References

Configurations

CPE23	Version Start	Version End	Exact Version
cpe:2.3:a:gpac:gpac:2.0.0:::::::*	n/a	n/a	2.0.0

External Links

NVD - CVE-2022-29537