0pepsi/CVE-2025-60458

Releases0

UxPlay version 1.72 contains a double free vulnerability in its RTSP request handling logic.

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2025-60458 ↗	Dec 29, 2025Monday, 29 December 2025, 15:16	6.5 MEDIUM	—
UxPlay 1.72 contains a double free vulnerability in its RTSP request handling. A specially crafted RTSP TEARDOWN request can trigger multiple calls to free() on the same memory address, potentially causing a Denial of Service.