Vulnerabilities > CVE-2021-31260 - NULL Pointer Dereference vulnerability in Gpac 1.0.1

047910
CVSS 5.5 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
local
low complexity
gpac
CWE-476

Summary

The MergeTrack function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command.

Vulnerable Configurations

Part Description Count
Application
Gpac
1

Common Weakness Enumeration (CWE)