CVE-2022-36190

gpac/gpac

on github

Published

August 17, 2022

Severity

CVSS v3:

9.8 CRITICAL

CVSS v2:

N/A

Description

GPAC mp4box 2.1-DEV-revUNKNOWN-master has a use-after-free vulnerability in function gf_isom_dovi_config_get. This vulnerability was fixed in commit fef6242.

References

https://github.com/gpac/gpac/issues/2220
https://www.debian.org/security/2023/dsa-5411

Configurations

CPE23	Version Start	Version End	Exact Version
cpe:2.3:a:gpac:gpac:2.1:dev::::::	n/a	n/a	2.1
cpe:2.3:a:gpac:gpac::::::::	n/a	2.2.0	*

External Links

NVD - CVE-2022-36190