Vulnerabilities > CVE-2023-48014 - Out-of-bounds Write vulnerability in Gpac 2.3Devrev566G50C2Ab06Fmaster

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

gpac

CWE-787

NVD

Published: 2023-11-15

Updated: 2023-11-22

Summary

GPAC v2.3-DEV-rev566-g50c2ab06f-master was discovered to contain a stack overflow via the hevc_parse_vps_extension function at /media_tools/av_parsers.c.

Vulnerable Configurations

Part	Description	Count
Application	Gpac Gpac Gpac 2.3-Dev-Rev566-G50C2Ab06F-Master	1

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

https://github.com/gpac/gpac/issues/2613
https://github.com/gpac/gpac/commit/66abf0887c89c29a484d9e65e70882794e9e3a1b