Vulnerabilities > CVE-2023-4679 - Use After Free vulnerability in Gpac 2.3.0Dev

CVSS 5.5 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

local

low complexity

gpac

CWE-416

NVD

Published: 2024-11-15

Updated: 2024-11-19

Summary

A use after free vulnerability exists in GPAC version 2.3-DEV-revrelease, specifically in the gf_filterpacket_del function in filter_core/filter.c at line 38. This vulnerability can lead to a double-free condition, which may cause the application to crash.

Vulnerable Configurations

Part	Description	Count
Application	Gpac Gpac Gpac 2.3.0-Dev	1

Common Weakness Enumeration (CWE)

CWE-416 - Use After Free

References

https://huntr.com/bounties/6f721ee7-8785-4c26-801e-f40fed3faaac
https://github.com/gpac/gpac/commit/b68b3f0bf5c366e003221d78fd663a1d5514a876