CVE-2022-24576 — Use After Free in Gpac

Severity

5.5MEDIUMNVD

EPSS

0.1%

top 64.78%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedMar 14

Latest updateJun 20

Description

GPAC 1.0.1 is affected by Use After Free through MP4Box.

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

▶NVDgpac/gpac1.0.1

GHSA

GHSA-8vw4-8p44-rx37: GPAC 1↗2022-03-15

▶

OSV

CVE-2022-24576: GPAC 1↗2022-03-14

▶

Red Hat

kernel: bpf: Use VM_MAP instead of VM_ALLOC for ringbuf↗2024-06-20

▶

Debian

CVE-2022-24576: gpac - GPAC 1.0.1 is affected by Use After Free through MP4Box.↗2022

▶