CVE-2022-30976
on github
Published
Severity
CVSS v3:
7.1 HIGH
CVSS v2:
4 MEDIUM
Description
GPAC 2.0.0 misuses a certain Unicode utf8_wcslen (renamed gf_utf8_wcslen) function in utils/utf.c, resulting in a heap-based buffer over-read, as demonstrated by MP4Box.
References
Configurations
CPE23 | Version Start | Version End | Exact Version |
---|---|---|---|
cpe:2.3:a:gpac:gpac:2.0.0:*:*:*:*:*:*:* | n/a | n/a | 2.0.0 |