Memory Leak Vulnerability in GPAC Media Parsing Tool by GPAC
CVE-2023-48039

5.5MEDIUM

Key Information:

Vendor: Gpac
Status: Gpac
Vendor: CVE Published:; 20 November 2023

What is CVE-2023-48039?

The GPAC 2.3-DEV-rev617-g671976fcc-master version contains a vulnerability that leads to a memory leak during the media string parsing process. This flaw is found in the gf_mpd_parse_string function located in the media_tools/mpd.c file. As a result, an attacker may exploit this vulnerability to access memory contents, potentially compromising system stability and performance.

References

https://github.com/gpac/gpac/issues/2679

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 20, 2023
Vulnerability Reserved
Nov 13, 2023

Gpac

What is CVE-2023-48039?

References

CVSS V3.1

Timeline