CVE-2023-4679
Use After Free in gpac/gpac
Severity Score
5.9
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
Track*
*SSVC
Descriptions
A use after free vulnerability exists in GPAC version 2.3-DEV-revrelease, specifically in the gf_filterpacket_del function in filter_core/filter.c at line 38. This vulnerability can lead to a double-free condition, which may cause the application to crash.
Existe una vulnerabilidad de use after free en la versión 2.3-DEV-revrelease de GPAC, específicamente en la función gf_filterpacket_del en filter_core/filter.c en la línea 38. Esta vulnerabilidad puede generar una condición de doble liberación, que puede provocar que la aplicación se bloquee.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:Track*
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2023-08-31 CVE Reserved
- 2024-11-15 CVE Published
- 2024-11-15 CVE Updated
- 2025-06-11 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-416: Use After Free
CAPEC
References (2)
URL | Tag | Source |
---|---|---|
https://github.com/gpac/gpac/commit/b68b3f0bf5c366e003221d78fd663a1d5514a876 | ||
https://huntr.com/bounties/6f721ee7-8785-4c26-801e-f40fed3faaac |
|
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|