CVE-2023-0770: fixed #2316 · gpac/gpac@c319418

Stack-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.2.


@@ -1292,7 +1292,10 @@ Bool gf_sg_proto_field_is_sftime_offset(GF_Node *node, GF_FieldInfo *field)

gf_node_get_field(r->ToNode, r->ToField.fieldIndex, &inf);

/*IS to another proto*/

if (r->ToNode->sgprivate->tag == TAG_ProtoNode) return gf_sg_proto_field_is_sftime_offset(r->ToNode, &inf);

if (r->ToNode->sgprivate->tag == TAG_ProtoNode) {

if (r->ToNode==node) continue;

return gf_sg_proto_field_is_sftime_offset(r->ToNode, &inf);

}

/*IS to a startTime/stopTime field*/

if (!stricmp(inf.name, “startTime”) || !stricmp(inf.name, “stopTime”)) return 1;

}
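
Review bot: The new guard `if (r->ToNode==node) continue;` in the TAG_ProtoNode branch only skips a route that points straight back at the node passed in; a cycle that goes through a second proto node (A routes to B, B routes back to A) would still reach the recursive `gf_sg_proto_field_is_sftime_offset(r->ToNode, &inf)` call with nothing bounding the depth. Consider carrying a depth counter or a visited marker through the recursion and returning 0 once it trips, rather than comparing against the immediate caller only. A one-line comment on the guard saying it skips self-referential IS routes would also help, since the existing `/*IS to another proto*/` comment does not explain why the `continue` is there.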

Related news

Debian Security Advisory 5411-1

Debian Linux Security Advisory 5411-1 - Multiple issues were found in GPAC multimedia framework, which could result in denial of service or potentially the execution of arbitrary code.
