CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda

CVE-2023-6905

CVE-2023-6903

CVE-2023-6904

CVE-2023-3907

The binary MP4Box in Gpac 1.0.1 has a double-free vulnerability in the ilst_box_read function in box_code_apple.c, which allows attackers to cause a denial of service, even code execution and escalation of privileges.

Permalink

Browse files

fixed #1895

*   Loading branch information

![@jeanlf](https://avatars.githubusercontent.com/u/7303785?s=40&v=4)

jeanlf committed

Aug 30, 2021

1 parent 86c1566 commit a69b567b8c95c72f9560c873c5ab348be058f340

Showing with **1 addition** and **0 deletions**.

1.  +1 −0 src/odf/descriptors.c

1 src/odf/descriptors.c

Show comments View file

@@ -1613,6 +1613,7 @@ GF\_AV1Config \*gf\_odf\_av1\_cfg\_read\_bs\_size(GF\_BitStream \*bs, u32 size)

size -= (u32) obu\_size;

}

gf\_av1\_reset\_state(& state, GF\_TRUE);

gf\_bs\_align(bs);

return cfg;

#else

return NULL;

**0 comments on commit `a69b567`**

Please sign in to comment.

Headline

CVE-2021-40571: fixed #1895 · gpac/gpac@a69b567

CVE: Latest News