A vulnerability classified as problematic was found in GPAC. Affected by this vulnerability is the function svg_parse_preserveaspectratio of the file scenegraph/svg_attributes.c of the component SVG Parser. The manipulation leads to memory leak. The attack can be launched remotely. The name of the patch is 2191e66aa7df750e8ef01781b1930bea87b713bb. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-213463.
References
Link | Resource |
---|---|
https://github.com/gpac/gpac/commit/2191e66aa7df750e8ef01781b1930bea87b713bb | Patch Third Party Advisory |
https://vuldb.com/?id.213463 | Permissions Required Third Party Advisory VDB Entry |
https://www.debian.org/security/2023/dsa-5411 |
Configurations
History
27 May 2023, 04:15
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-404 | |
References |
|
05 May 2023, 19:45
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:gpac:gpac:*:*:*:*:*:*:*:* | |
CWE | ||
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.5 |
References | (N/A) https://github.com/gpac/gpac/commit/2191e66aa7df750e8ef01781b1930bea87b713bb - Patch, Third Party Advisory | |
References | (N/A) https://vuldb.com/?id.213463 - Permissions Required, Third Party Advisory, VDB Entry |
11 Nov 2022, 16:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-11-11 16:15
Updated : 2024-02-04 22:51
NVD link : CVE-2022-3957
Mitre link : CVE-2022-3957
CVE.ORG link : CVE-2022-3957
JSON object : View
Products Affected
gpac
- gpac