Out-of-bounds Read in gpac/gpac
CVE-2023-5998

7.5HIGH

Key Information:

Vendor: gpac
Status: gpac/gpac
Vendor: CVE Published:; 7 November 2023

What is CVE-2023-5998?

An out-of-bounds read vulnerability exists in GPAC software versions prior to 2.3.0-DEV, potentially allowing attackers to access unintended memory locations. This could lead to information disclosure or potentially enable further exploits. Users are advised to update to the latest version to mitigate risks associated with this vulnerability.

Affected Version(s)

gpac/gpac < 2.3.0-DEV

References

https://huntr.com/bounties/ea02a231-b688-422b-a881-ef415b...

https://github.com/gpac/gpac/commit/db74835944548fc3bdf03...

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 7, 2023
Vulnerability Reserved
Nov 7, 2023