Vulnerabilities > CVE-2023-48011 - Use After Free vulnerability in Gpac 2.3Devrev566G50C2Ab06Fmaster

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

gpac

CWE-416

NVD

Published: 2023-11-15

Updated: 2023-11-22

Summary

GPAC v2.3-DEV-rev566-g50c2ab06f-master was discovered to contain a heap-use-after-free via the flush_ref_samples function at /gpac/src/isomedia/movie_fragments.c.

Vulnerable Configurations

Part	Description	Count
Application	Gpac Gpac Gpac 2.3-Dev-Rev566-G50C2Ab06F-Master	1

Common Weakness Enumeration (CWE)

CWE-416 - Use After Free

References

https://github.com/gpac/gpac/issues/2611
https://github.com/gpac/gpac/commit/c70f49dda4946d6db6aa55588f6a756b76bd84ea