CVE-2023-50120

gpac/gpac

on github

Published

January 10, 2024

Severity

CVSS v3:

5.5 MEDIUM

CVSS v2:

N/A

Description

MP4Box GPAC version 2.3-DEV-rev636-gfbd7e13aa-master was discovered to contain an infinite loop in the function av1_uvlc at media_tools/av_parsers.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted MP4 file.

References

https://github.com/gpac/gpac/issues/2698

Configurations

CPE23	Version Start	Version End	Exact Version
cpe:2.3:a:gpac:gpac:2.3:dev::::::	n/a	n/a	2.3

External Links

NVD - CVE-2023-50120