VDB-190223 · CVE-2021-36417 · ID 1846

GPAC 1.0.1 gf_isom_dovi_config_get heap-based overflow

A vulnerability was found in GPAC 1.0.1. It has been rated as critical. This issue affects the function gf_isom_dovi_config_get. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.

User

0	21
1	17

Field

source_cve_nvd_summary	1
exploit_price_0day	1
vulnerability_cvss3_meta_tempscore	1
vulnerability_cvss3_meta_basescore	1
vulnerability_cvss3_vuldb_tempscore	1

Commit Conf

90%	24
50%	13
70%	1

Approve Conf

90%	24
80%	13
70%	1

ID	Commited	User	Field	Change	Remarks	Accepted	Reason	C
12050188	01/15/2022	VulD...	cve_nvd_summary	A heap-based buffer overflow vulnerability exists in GPAC v1.0.1 in the gf_isom_dovi_config_get function in MP4Box, which causes a denial of service or execute arbitrary code via a crafted file.	cve.mitre.org	01/15/2022	accepted	70
12038236	01/13/2022	VulD...	price_0day	$0-$5k	see exploit price documentation	01/13/2022	accepted	90
12038235	01/13/2022	VulD...	cvss3_meta_tempscore	5.5	see CVSS documentation	01/13/2022	accepted	90
12038234	01/13/2022	VulD...	cvss3_meta_basescore	5.5	see CVSS documentation	01/13/2022	accepted	90
12038233	01/13/2022	VulD...	cvss3_vuldb_tempscore	5.5	see CVSS documentation	01/13/2022	accepted	90
12038232	01/13/2022	VulD...	cvss3_vuldb_basescore	5.5	see CVSS documentation	01/13/2022	accepted	90
12038231	01/13/2022	VulD...	cvss2_vuldb_tempscore	5.2	see CVSS documentation	01/13/2022	accepted	90
12038230	01/13/2022	VulD...	cvss2_vuldb_basescore	5.2	see CVSS documentation	01/13/2022	accepted	90
12038229	01/13/2022	VulD...	cvss3_vuldb_rl	X	derived from historical data	01/13/2022	accepted	80
12038228	01/13/2022	VulD...	cvss3_vuldb_e	X	derived from historical data	01/13/2022	accepted	80
12038227	01/13/2022	VulD...	cvss3_vuldb_pr	L	derived from historical data	01/13/2022	accepted	80
12038226	01/13/2022	VulD...	cvss3_vuldb_av	A	derived from historical data	01/13/2022	accepted	80
12038225	01/13/2022	VulD...	cvss2_vuldb_rl	ND	derived from historical data	01/13/2022	accepted	80
12038224	01/13/2022	VulD...	cvss2_vuldb_e	ND	derived from historical data	01/13/2022	accepted	80
12038223	01/13/2022	VulD...	cvss2_vuldb_au	S	derived from historical data	01/13/2022	accepted	80
12038222	01/13/2022	VulD...	cvss2_vuldb_av	A	derived from historical data	01/13/2022	accepted	80
12038221	01/13/2022	VulD...	cvss2_vuldb_rc	C	derived from vuldb v3 vector	01/13/2022	accepted	80
12038220	01/13/2022	VulD...	cvss2_vuldb_ai	P	derived from vuldb v3 vector	01/13/2022	accepted	80
12038219	01/13/2022	VulD...	cvss2_vuldb_ii	P	derived from vuldb v3 vector	01/13/2022	accepted	80
12038218	01/13/2022	VulD...	cvss2_vuldb_ci	P	derived from vuldb v3 vector	01/13/2022	accepted	80

18 more entries are not shown

🔒 Login Required

You need to signup and login to see more of the remaining 18 results.

◂ Previous Overview Next ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!