Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2021-40571: fixed #1895 · gpac/gpac@a69b567

The binary MP4Box in Gpac 1.0.1 has a double-free vulnerability in the ilst_box_read function in box_code_apple.c, which allows attackers to cause a denial of service, even code execution and escalation of privileges.

CVE
#vulnerability#apple#dos#git

Permalink

Browse files

fixed #1895

  • Loading branch information

@jeanlf

jeanlf committed

Aug 30, 2021

1 parent 86c1566 commit a69b567b8c95c72f9560c873c5ab348be058f340

Showing with 1 addition and 0 deletions.

  1. +1 −0 src/odf/descriptors.c

1 src/odf/descriptors.c

Show comments View file

@@ -1613,6 +1613,7 @@ GF_AV1Config *gf_odf_av1_cfg_read_bs_size(GF_BitStream *bs, u32 size)

size -= (u32) obu_size;

}

gf_av1_reset_state(& state, GF_TRUE);

gf_bs_align(bs);

return cfg;

#else

return NULL;

0 comments on commit a69b567

Please sign in to comment.

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907