GPAC up to 1.0.1 reframe_nalu.c naludmx_create_avc_decoder_config null pointer dereference

A vulnerability was found in GPAC up to 1.0.1 and classified as problematic. This issue affects the function naludmx_create_avc_decoder_config of the file reframe_nalu.c. Applying the patch 5ce0c906ed8599d218036b18b78e8126a496f137 is able to eliminate this problem. The bugfix is ready for download at github.com.

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.

User

120

Field

source_cve_nvd_summary1
vulnerability_cvss3_vuldb_rl1
source_cve1
countermeasure_patch_url1
countermeasure_patch_name1

Commit Conf

90%27
50%14
70%1

Approve Conf

90%27
80%14
70%1
IDCommitedUserFieldChangeRemarksAcceptedReasonC
1205019501/15/2022VulD...cve_nvd_summaryA Segmentation fault exists casued by null pointer dereference exists in Gpac through 1.0.1 via the naludmx_create_avc_decoder_config function in reframe_nalu.c when using mp4box, which causes a denial of service.cve.mitre.org01/15/2022accepted
70
1203848501/13/2022VulD...price_0day$0-$5ksee exploit price documentation01/13/2022accepted
90
1203848401/13/2022VulD...cvss3_meta_tempscore3.4see CVSS documentation01/13/2022accepted
90
1203848301/13/2022VulD...cvss3_meta_basescore3.5see CVSS documentation01/13/2022accepted
90
1203848201/13/2022VulD...cvss3_vuldb_tempscore3.4see CVSS documentation01/13/2022accepted
90
1203848101/13/2022VulD...cvss3_vuldb_basescore3.5see CVSS documentation01/13/2022accepted
90
1203848001/13/2022VulD...cvss2_vuldb_tempscore2.0see CVSS documentation01/13/2022accepted
90
1203847901/13/2022VulD...cvss2_vuldb_basescore2.3see CVSS documentation01/13/2022accepted
90
1203847801/13/2022VulD...cvss3_vuldb_eXderived from historical data01/13/2022accepted
80
1203847701/13/2022VulD...cvss3_vuldb_uiNderived from historical data01/13/2022accepted
80
1203847601/13/2022VulD...cvss3_vuldb_prLderived from historical data01/13/2022accepted
80
1203847501/13/2022VulD...cvss3_vuldb_acLderived from historical data01/13/2022accepted
80
1203847401/13/2022VulD...cvss3_vuldb_avAderived from historical data01/13/2022accepted
80
1203847301/13/2022VulD...cvss2_vuldb_eNDderived from historical data01/13/2022accepted
80
1203847201/13/2022VulD...cvss2_vuldb_auSderived from historical data01/13/2022accepted
80
1203847101/13/2022VulD...cvss2_vuldb_acMderived from historical data01/13/2022accepted
80
1203847001/13/2022VulD...cvss2_vuldb_avAderived from historical data01/13/2022accepted
80
1203846901/13/2022VulD...cvss2_vuldb_rlOFderived from vuldb v3 vector01/13/2022accepted
80
1203846801/13/2022VulD...cvss2_vuldb_rcCderived from vuldb v3 vector01/13/2022accepted
80
1203846701/13/2022VulD...cvss2_vuldb_aiPderived from vuldb v3 vector01/13/2022accepted
80

22 more entries are not shown

Do you know our Splunk app?

Download it now for free!